static BOOLEAN SepInitExports(VOID);
+#if defined (ALLOC_PRAGMA)
+#pragma alloc_text(INIT, SeInit1)
+#pragma alloc_text(INIT, SeInit2)
+#pragma alloc_text(INIT, SepInitExports)
+#endif
/* FUNCTIONS ****************************************************************/
OUT PACCESS_MASK GrantedAccess,
OUT PNTSTATUS AccessStatus)
{
- SECURITY_SUBJECT_CONTEXT SubjectSecurityContext;
+ SECURITY_SUBJECT_CONTEXT SubjectSecurityContext = {0};
KPROCESSOR_MODE PreviousMode;
PTOKEN Token;
NTSTATUS Status;
return STATUS_ACCESS_VIOLATION;
}
- RtlZeroMemory(&SubjectSecurityContext,
- sizeof(SECURITY_SUBJECT_CONTEXT));
SubjectSecurityContext.ClientToken = Token;
SubjectSecurityContext.ImpersonationLevel = Token->ImpersonationLevel;
return Status;
}
+VOID STDCALL
+SeQuerySecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
+ OUT PACCESS_MASK DesiredAccess)
+{
+ if (SecurityInformation & (OWNER_SECURITY_INFORMATION |
+ GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION))
+ {
+ *DesiredAccess |= READ_CONTROL;
+ }
+ if (SecurityInformation & SACL_SECURITY_INFORMATION)
+ {
+ *DesiredAccess |= ACCESS_SYSTEM_SECURITY;
+ }
+}
+
+VOID STDCALL
+SeSetSecurityAccessMask(IN SECURITY_INFORMATION SecurityInformation,
+ OUT PACCESS_MASK DesiredAccess)
+{
+ if (SecurityInformation & (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION))
+ {
+ *DesiredAccess |= WRITE_OWNER;
+ }
+ if (SecurityInformation & DACL_SECURITY_INFORMATION)
+ {
+ *DesiredAccess |= WRITE_DAC;
+ }
+ if (SecurityInformation & SACL_SECURITY_INFORMATION)
+ {
+ *DesiredAccess |= ACCESS_SYSTEM_SECURITY;
+ }
+}
+
/* EOF */