{
ULONG i;
ULONG j;
- ULONG k;
+ ULONG Required;
DPRINT("SepPrivilegeCheck() called\n");
PAGED_CODE();
if (PreviousMode == KernelMode)
- {
return TRUE;
- }
- k = 0;
- if (PrivilegeCount > 0)
+ /* Get the number of privileges that are required to match */
+ Required = (PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) ? PrivilegeCount : 1;
+
+ /* Loop all requested privileges until we found the required ones */
+ for (i = 0; i < PrivilegeCount && Required > 0; i++)
{
- for (i = 0; i < Token->PrivilegeCount; i++)
+ /* Loop the privileges of the token */
+ for (j = 0; j < Token->PrivilegeCount; j++)
{
- for (j = 0; j < PrivilegeCount; j++)
+ /* Check if the LUIDs match */
+ if (Token->Privileges[j].Luid.LowPart == Privileges[i].Luid.LowPart &&
+ Token->Privileges[j].Luid.HighPart == Privileges[i].Luid.HighPart)
{
- if (Token->Privileges[i].Luid.LowPart == Privileges[j].Luid.LowPart &&
- Token->Privileges[i].Luid.HighPart == Privileges[j].Luid.HighPart)
+ DPRINT("Found privilege. Attributes: %lx\n",
+ Token->Privileges[j].Attributes);
+
+ /* Check if the privilege is enabled */
+ if (Token->Privileges[j].Attributes & SE_PRIVILEGE_ENABLED)
{
- DPRINT("Found privilege\n");
- DPRINT("Privilege attributes %lx\n",
- Token->Privileges[i].Attributes);
-
- if (Token->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED)
- {
- Privileges[j].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
- k++;
- }
+ Privileges[i].Attributes |= SE_PRIVILEGE_USED_FOR_ACCESS;
+ Required--;
}
+
+ /* Leave the inner loop */
+ break;
}
}
}
- if ((PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY) &&
- PrivilegeCount == k)
- {
- return TRUE;
- }
-
- if (k > 0 &&
- !(PrivilegeControl & PRIVILEGE_SET_ALL_NECESSARY))
- {
- return TRUE;
- }
-
- return FALSE;
+ /* Return whether we found all required privileges */
+ return (Required == 0);
}
NTSTATUS
return Result;
}
+BOOLEAN
+NTAPI
+SeCheckPrivilegedObject(IN LUID PrivilegeValue,
+ IN HANDLE ObjectHandle,
+ IN ACCESS_MASK DesiredAccess,
+ IN KPROCESSOR_MODE PreviousMode)
+{
+ SECURITY_SUBJECT_CONTEXT SubjectContext;
+ PRIVILEGE_SET Priv;
+ BOOLEAN Result;
+
+ PAGED_CODE();
+
+ SeCaptureSubjectContext(&SubjectContext);
+
+ Priv.PrivilegeCount = 1;
+ Priv.Control = PRIVILEGE_SET_ALL_NECESSARY;
+ Priv.Privilege[0].Luid = PrivilegeValue;
+ Priv.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
+
+ Result = SePrivilegeCheck(&Priv, &SubjectContext, PreviousMode);
+ if (PreviousMode != KernelMode)
+ {
+#if 0
+ SePrivilegeObjectAuditAlarm(ObjectHandle,
+ &SubjectContext,
+ DesiredAccess,
+ &PrivilegeValue,
+ Result,
+ PreviousMode);
+#endif
+ }
+
+ SeReleaseSubjectContext(&SubjectContext);
+
+ return Result;
+}
+
/* SYSTEM CALLS ***************************************************************/
NTSTATUS
not doing an anonymous impersonation */
Status = ObReferenceObjectByHandle(ClientToken,
TOKEN_QUERY,
- SepTokenObjectType,
+ SeTokenObjectType,
PreviousMode,
(PVOID*)&Token,
NULL);