Thomas Weidenmueller <w3seek@reactos.com>
[reactos.git] / reactos / include / ntos / security.h
index cc1b6d0..b9dad2a 100644 (file)
 /* Security descriptor control. */
 #define SECURITY_DESCRIPTOR_REVISION   (1)
 #define SECURITY_DESCRIPTOR_MIN_LENGTH (20)
-#define SE_OWNER_DEFAULTED     (1)
-#define SE_GROUP_DEFAULTED     (2)
-#define SE_DACL_PRESENT        (4)
-#define SE_DACL_DEFAULTED      (8)
-#define SE_SACL_PRESENT        (16)
-#define SE_SACL_DEFAULTED      (32)
-#define SE_SELF_RELATIVE       (32768)
+#define SE_OWNER_DEFAULTED     (0x0001)
+#define SE_GROUP_DEFAULTED     (0x0002)
+#define SE_DACL_PRESENT                (0x0004)
+#define SE_DACL_DEFAULTED      (0x0008)
+#define SE_SACL_PRESENT                (0x0010)
+#define SE_SACL_DEFAULTED      (0x0020)
+#define SE_RM_CONTROL_VALID    (0x4000)
+#define SE_SELF_RELATIVE       (0x8000)
 #endif
 
 /* This is defined in the Win 32 API headers as something else: */
@@ -74,6 +75,11 @@ typedef struct _SECURITY_DESCRIPTOR_CONTEXT
 
 #ifndef __USE_W32API
 
+#define SYSTEM_LUID                     { 0x3E7, 0x0 }
+#define ANONYMOUS_LOGON_LUID            { 0x3e6, 0x0 }
+#define LOCALSERVICE_LUID               { 0x3e5, 0x0 }
+#define NETWORKSERVICE_LUID             { 0x3e4, 0x0 }
+    
 /* SID Auhority */
 #define SECURITY_NULL_SID_AUTHORITY            {0,0,0,0,0,0}
 #define SECURITY_WORLD_SID_AUTHORITY           {0,0,0,0,0,1}
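Review bot: The four new LUID macros mix hex case (`0x3E7` against `0x3e6`, `0x3e5`, `0x3e4`) and have no comment saying which logon session each value identifies; the added separator line after them also carries trailing whitespace. I would normalise the first to `#define SYSTEM_LUID { 0x3e7, 0x0 }` and put `/* Well-known logon session LUIDs */` above the group, stating the field order the initialiser assumes. Because the macros expand to brace initialisers they can only initialise a LUID and cannot appear in a comparison, so the comment should tell callers to compare the fields explicitly.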
@@ -122,9 +128,13 @@ typedef struct _SECURITY_DESCRIPTOR_CONTEXT
 #define DOMAIN_ALIAS_RID_REPLICATOR            (0x228L)
 
 /* ACCESS_MASK */
-#define MAXIMUM_ALLOWED                        (0x02000000L)
-#define GENERIC_ALL                    (0x10000000L)
+/* Generic rights */
+#define GENERIC_READ                   (0x80000000L)
+#define GENERIC_WRITE                  (0x40000000L)
 #define GENERIC_EXECUTE                        (0x20000000L)
+#define GENERIC_ALL                    (0x10000000L)
+#define MAXIMUM_ALLOWED                        (0x02000000L)
+#define ACCESS_SYSTEM_SECURITY         (0x01000000L)
 
 /* Standard rights */
 #define STANDARD_RIGHTS_REQUIRED       (0x000f0000L)
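Review bot: `MAXIMUM_ALLOWED` and `ACCESS_SYSTEM_SECURITY` now sit under the new `/* Generic rights */` heading, but neither is a generic right: they are special access-mask bits that are not translated through a GENERIC_MAPPING. Someone auditing an access check could take the heading at face value, so I would split the group with a second comment before `MAXIMUM_ALLOWED`, e.g. `/* Special access bits (not generic rights) */`. A short remark beside `ACCESS_SYSTEM_SECURITY` that it governs access to the SACL would also help, since granting it is more sensitive than the neighbouring bits.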
@@ -143,13 +153,14 @@ typedef struct _SECURITY_DESCRIPTOR_CONTEXT
 #define TOKEN_ADJUST_PRIVILEGES                (0x0020L)
 #define TOKEN_ADJUST_GROUPS            (0x0040L)
 #define TOKEN_ADJUST_DEFAULT           (0x0080L)
+#define TOKEN_ADJUST_SESSIONID         (0x0100L)
 
-#define TOKEN_ALL_ACCESS               (0xf00ffL)
+#define TOKEN_ALL_ACCESS               (0xf01ffL)
 #define TOKEN_READ                     (0x20008L)
 #define TOKEN_WRITE                    (0x200e0L)
 #define TOKEN_EXECUTE                  (0x20000L)
 
-typedef BOOL SECURITY_CONTEXT_TRACKING_MODE;
+typedef BOOLEAN SECURITY_CONTEXT_TRACKING_MODE, *PSECURITY_CONTEXT_TRACKING_MODE;
 
 #define SECURITY_STATIC_TRACKING       (0)
 #define SECURITY_DYNAMIC_TRACKING      (1)
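Review bot: Widening `TOKEN_ALL_ACCESS` from `0xf00ff` to `0xf01ff` changes what every existing user of the macro requests, and the token object type's generic mapping and valid-access mask are not part of this hunk. If those still describe the old mask, an open with `TOKEN_ALL_ACCESS` may fail or the new `TOKEN_ADJUST_SESSIONID` bit may go unchecked, so they should be updated in the same change. A comment such as `/* STANDARD_RIGHTS_REQUIRED | every TOKEN_* right, incl. TOKEN_ADJUST_SESSIONID */` would make the composition auditable. Separately, moving `SECURITY_CONTEXT_TRACKING_MODE` from `BOOL` to `BOOLEAN` presumably narrows the type, which alters the layout of any structure embedding it; those users need a rebuild and a size check.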
@@ -172,15 +183,23 @@ typedef enum _TOKEN_INFORMATION_CLASS
   TokenSource,
   TokenType,
   TokenImpersonationLevel,
-  TokenStatistics
+  TokenStatistics,
+  TokenRestrictedSids,
+  TokenSessionId,
+  TokenGroupsAndPrivileges,
+  TokenSessionReference,
+  TokenSandBoxInert,
+  TokenAuditPolicy,
+  TokenOrigin
 } TOKEN_INFORMATION_CLASS;
 
-typedef ULONG SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
-
-#define SecurityAnonymous ((SECURITY_IMPERSONATION_LEVEL)1)
-#define SecurityIdentification ((SECURITY_IMPERSONATION_LEVEL)2)
-#define SecurityImpersonation ((SECURITY_IMPERSONATION_LEVEL)3)
-#define SecurityDelegation ((SECURITY_IMPERSONATION_LEVEL)4)
+typedef enum _SECURITY_IMPERSONATION_LEVEL
+{
+  SecurityAnonymous,
+  SecurityIdentification,
+  SecurityImpersonation,
+  SecurityDelegation
+} SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
 
 typedef ULONG ACCESS_MASK, *PACCESS_MASK;
 typedef ULONG TOKEN_TYPE, *PTOKEN_TYPE;
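Review bot: Replacing the `SECURITY_IMPERSONATION_LEVEL` macros with an enum renumbers every level: the removed macros ran from 1 (`SecurityAnonymous`) to 4 (`SecurityDelegation`), while the new enumerators start at 0. Any value stored, passed between separately built components or compared numerically under the old header now reads one level higher (an old `SecurityIdentification` of 2 becomes `SecurityImpersonation`), and a zero-filled structure now silently carries `SecurityAnonymous` instead of an out-of-range value. All producers and consumers have to be rebuilt together, and range checks should name the enumerators, e.g. `if ((ULONG)Level > SecurityDelegation) return STATUS_BAD_IMPERSONATION_LEVEL;`. A comment on the enum saying the numeric values are part of the ABI would guard against a later reordering. The `TOKEN_INFORMATION_CLASS` enum begins outside the hunk, so the numbering of its new members cannot be checked from here.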
@@ -216,7 +235,9 @@ typedef struct _SID
   UCHAR  SubAuthorityCount;
   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
   ULONG SubAuthority[1];
-} SID, *PSID;
+} SID, *PISID;
+
+typedef PVOID PSID;
 
 typedef struct _ACL
 {
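Review bot: Turning `PSID` into `PVOID` removes compile-time type checking at every interface that takes a SID: any pointer now converts to `PSID` without a diagnostic, and existing code that dereferences a `PSID` directly has to switch to `PISID`. That matches the opaque treatment in the Win32 headers, but it leaves correctness entirely to run-time validation, so code that reads fields through a cast should check the revision and `SubAuthorityCount` before indexing `SubAuthority[]`. I would document the split at the typedef with `/* PSID is opaque; cast to PISID only after the SID has been validated */`. The `SID` structure starts above the hunk.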
@@ -264,6 +285,17 @@ typedef struct _SECURITY_DESCRIPTOR
   PACL Dacl;
 } SECURITY_DESCRIPTOR, *PSECURITY_DESCRIPTOR;
 
+typedef struct _SECURITY_DESCRIPTOR_RELATIVE
+{
+  UCHAR  Revision;
+  UCHAR  Sbz1;
+  SECURITY_DESCRIPTOR_CONTROL Control;
+  ULONG Owner;
+  ULONG Group;
+  ULONG Sacl;
+  ULONG Dacl;
+} SECURITY_DESCRIPTOR_RELATIVE, *PSECURITY_DESCRIPTOR_RELATIVE;
+
 typedef struct _LUID_AND_ATTRIBUTES
 {
   LUID  Luid;
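Review bot: `SECURITY_DESCRIPTOR_RELATIVE` is added without a comment saying what its `ULONG` members hold, and they are easy to confuse with the pointer members of `SECURITY_DESCRIPTOR` directly above. In the self-relative form they are presumably byte offsets from the start of the descriptor, with 0 meaning the component is absent, and meaningful only when `SE_SELF_RELATIVE` is set in `Control`. Such descriptors can come from disk or from a caller-supplied buffer, so every consumer has to check each offset, and the SID or ACL it leads to, against the buffer length before forming a pointer. A header comment like `/* Owner/Group/Sacl/Dacl: byte offsets from the start of this structure, 0 = not present; validate against the descriptor length */` would make that contract explicit.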
@@ -309,6 +341,20 @@ typedef struct _TOKEN_GROUPS
   SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
 } TOKEN_GROUPS, *PTOKEN_GROUPS, *LPTOKEN_GROUPS;
 
+typedef struct _TOKEN_GROUPS_AND_PRIVILEGES
+{
+  ULONG SidCount;
+  ULONG SidLength;
+  PSID_AND_ATTRIBUTES Sids;
+  ULONG RestrictedSidCount;
+  ULONG RestrictedSidLength;
+  PSID_AND_ATTRIBUTES RestrictedSids;
+  ULONG PrivilegeCount;
+  ULONG PrivilegeLength;
+  PLUID_AND_ATTRIBUTES Privileges;
+  LUID AuthenticationId;
+} TOKEN_GROUPS_AND_PRIVILEGES, *PTOKEN_GROUPS_AND_PRIVILEGES;
+
 typedef struct _TOKEN_PRIVILEGES
 {
   DWORD PrivilegeCount;
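Review bot: `TOKEN_GROUPS_AND_PRIVILEGES` pairs each array pointer with both a count and a length, but nothing documents the units or which of the two bounds the array. Presumably `SidLength`, `RestrictedSidLength` and `PrivilegeLength` are sizes in bytes and the pointers refer into the buffer the query fills; if that is right, say so with a comment such as `/* *Length fields are in bytes; Sids, RestrictedSids and Privileges point into the output buffer */`. The structure also embeds raw pointers, so code that moves it between address spaces has to rebase or re-validate them instead of copying the block verbatim.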
@@ -339,6 +385,10 @@ typedef struct _TOKEN_STATISTICS
   LUID  ModifiedId;
 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
 
+typedef struct _TOKEN_ORIGIN {
+  LUID OriginatingLogonSession;
+} TOKEN_ORIGIN, *PTOKEN_ORIGIN;
+
 typedef struct _GENERIC_MAPPING
 {
   ACCESS_MASK GenericRead;
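Review bot: `TOKEN_ORIGIN` opens its brace on the `typedef struct` line, whereas the other structures visible in this file (`_SECURITY_DESCRIPTOR_RELATIVE`, `_TOKEN_GROUPS_AND_PRIVILEGES`, `_GENERIC_MAPPING`) place it on a line of its own. Moving the brace down keeps the header uniform: `typedef struct _TOKEN_ORIGIN` followed by `{` on the next line.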