/* $Id: acl.c,v 1.20 2004/08/15 16:39:11 chorns Exp $
 *
 * COPYRIGHT:  See COPYING in the top level directory
 * PROJECT:    ReactOS kernel
 * PURPOSE:    Security manager
 * FILE:       kernel/se/acl.c
 * PROGRAMMER: David Welch <welch@cwcom.net>
 * 26/07/98:   Added stubs for security functions
 */
12 /* INCLUDES *****************************************************************/
15 #include <internal/debug.h>
/*
 * Four-character pool tag built from 'A','C','L','T'.
 * NOTE(review): no use of TAG_ACL is visible in this listing; presumably it is
 * the tag handed to ExAllocatePoolWithTag when the DACLs below are allocated.
 * Confirm against the full file.
 */
#define TAG_ACL TAG('A', 'C', 'L', 'T')

/* GLOBALS ******************************************************************/

/*
 * Default discretionary ACLs owned by the security manager.
 *
 * Every pointer starts out NULL. The initialisation code further down this
 * file assigns each one from ExAllocatePoolWithTag(NonPagedPool, ...), tests
 * the result against NULL, then fills it with RtlCreateAcl and a series of
 * RtlAddAccessAllowedAce calls. Only access-allowed ACEs are added in the
 * visible code.
 *
 * NOTE(review): these are writable file-scope pointers to ACLs that other
 * code presumably attaches to objects as defaults. Nothing here stops a
 * consumer from modifying an ACL in place, so users should treat the ACLs as
 * read-only and tolerate a NULL pointer if initialisation has not run or an
 * allocation failed. Confirm how the NULL branch is handled in the full
 * source.
 */

/* Marked EXPORTED: presumably reachable from outside this module. */
PACL EXPORTED SePublicDefaultDacl = NULL;
PACL EXPORTED SeSystemDefaultDacl = NULL;

/* Internal to the kernel image (no EXPORTED marker). */
PACL SePublicDefaultUnrestrictedDacl = NULL;
PACL SePublicOpenDacl = NULL;

/*
 * The last ACE added to each of the next two ACLs grants
 * GENERIC_READ | GENERIC_EXECUTE to SeRestrictedCodeSid.
 */
PACL SePublicOpenUnrestrictedDacl = NULL;
PACL SeUnrestrictedDacl = NULL;
31 /* FUNCTIONS ****************************************************************/
40 AclLength2
= sizeof(ACL
) +
41 2 * (RtlLengthRequiredSid(1) + sizeof(ACE
));
42 AclLength3
= sizeof(ACL
) +
43 3 * (RtlLengthRequiredSid(1) + sizeof(ACE
));
44 AclLength4
= sizeof(ACL
) +
45 4 * (RtlLengthRequiredSid(1) + sizeof(ACE
));
47 /* create PublicDefaultDacl */
48 SePublicDefaultDacl
= ExAllocatePoolWithTag(NonPagedPool
,
51 if (SePublicDefaultDacl
== NULL
)
54 RtlCreateAcl(SePublicDefaultDacl
,
58 RtlAddAccessAllowedAce(SePublicDefaultDacl
,
63 RtlAddAccessAllowedAce(SePublicDefaultDacl
,
69 /* create PublicDefaultUnrestrictedDacl */
70 SePublicDefaultUnrestrictedDacl
= ExAllocatePoolWithTag(NonPagedPool
,
73 if (SePublicDefaultUnrestrictedDacl
== NULL
)
76 RtlCreateAcl(SePublicDefaultUnrestrictedDacl
,
80 RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl
,
85 RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl
,
90 RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl
,
95 RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl
,
97 GENERIC_READ
| GENERIC_EXECUTE
| READ_CONTROL
,
100 /* create PublicOpenDacl */
101 SePublicOpenDacl
= ExAllocatePoolWithTag(NonPagedPool
,
104 if (SePublicOpenDacl
== NULL
)
107 RtlCreateAcl(SePublicOpenDacl
,
111 RtlAddAccessAllowedAce(SePublicOpenDacl
,
113 GENERIC_READ
| GENERIC_WRITE
| GENERIC_EXECUTE
,
116 RtlAddAccessAllowedAce(SePublicOpenDacl
,
121 RtlAddAccessAllowedAce(SePublicOpenDacl
,
126 /* create PublicOpenUnrestrictedDacl */
127 SePublicOpenUnrestrictedDacl
= ExAllocatePoolWithTag(NonPagedPool
,
130 if (SePublicOpenUnrestrictedDacl
== NULL
)
133 RtlCreateAcl(SePublicOpenUnrestrictedDacl
,
137 RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl
,
142 RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl
,
147 RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl
,
152 RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl
,
154 GENERIC_READ
| GENERIC_EXECUTE
,
155 SeRestrictedCodeSid
);
157 /* create SystemDefaultDacl */
158 SeSystemDefaultDacl
= ExAllocatePoolWithTag(NonPagedPool
,
161 if (SeSystemDefaultDacl
== NULL
)
164 RtlCreateAcl(SeSystemDefaultDacl
,
168 RtlAddAccessAllowedAce(SeSystemDefaultDacl
,
173 RtlAddAccessAllowedAce(SeSystemDefaultDacl
,
175 GENERIC_READ
| GENERIC_EXECUTE
| READ_CONTROL
,
178 /* create UnrestrictedDacl */
179 SeUnrestrictedDacl
= ExAllocatePoolWithTag(NonPagedPool
,
182 if (SeUnrestrictedDacl
== NULL
)
185 RtlCreateAcl(SeUnrestrictedDacl
,
189 RtlAddAccessAllowedAce(SeUnrestrictedDacl
,
194 RtlAddAccessAllowedAce(SeUnrestrictedDacl
,
196 GENERIC_READ
| GENERIC_EXECUTE
,
197 SeRestrictedCodeSid
);