/******************************************************************************
* GetSecurityDescriptorGroup [ADVAPI32.@]
*/
BOOL WINAPI GetSecurityDescriptorGroup(
PSECURITY_DESCRIPTOR SecurityDescriptor,
PSID *Group,
LPBOOL GroupDefaulted)
{
CallWin32ToNt (RtlGetGroupSecurityDescriptor(SecurityDescriptor, Group, (PBOOLEAN)GroupDefaulted));
}
static
VOID
LwpsLegacyFreeSecurityDescriptor(
IN OUT PSECURITY_DESCRIPTOR_ABSOLUTE *ppSecurityDescriptor
)
{
if (*ppSecurityDescriptor)
{
PSECURITY_DESCRIPTOR_ABSOLUTE pSecDesc = *ppSecurityDescriptor;
PSID pOwner = NULL;
PSID pGroup = NULL;
PACL pDacl = NULL;
PACL pSacl = NULL;
BOOLEAN bDefaulted = FALSE;
BOOLEAN bPresent = FALSE;
RtlGetOwnerSecurityDescriptor(pSecDesc, &pOwner, &bDefaulted);
RtlGetGroupSecurityDescriptor(pSecDesc, &pGroup, &bDefaulted);
RtlGetDaclSecurityDescriptor(pSecDesc, &bPresent, &pDacl, &bDefaulted);
RtlGetSaclSecurityDescriptor(pSecDesc, &bPresent, &pSacl, &bDefaulted);
LW_RTL_FREE(&pSecDesc);
LW_RTL_FREE(&pOwner);
LW_RTL_FREE(&pGroup);
LW_RTL_FREE(&pDacl);
LW_RTL_FREE(&pSacl);
*ppSecurityDescriptor = NULL;
}
}
NTSTATUS PhSetSeObjectSecurity(
_In_ HANDLE Handle,
_In_ ULONG ObjectType,
_In_ SECURITY_INFORMATION SecurityInformation,
_In_ PSECURITY_DESCRIPTOR SecurityDescriptor
)
{
ULONG win32Result;
SECURITY_INFORMATION securityInformation = 0;
BOOLEAN present;
BOOLEAN defaulted;
PSID owner = NULL;
PSID group = NULL;
PACL dacl = NULL;
PACL sacl = NULL;
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
{
if (NT_SUCCESS(RtlGetOwnerSecurityDescriptor(SecurityDescriptor, &owner, &defaulted)))
securityInformation |= OWNER_SECURITY_INFORMATION;
}
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
{
if (NT_SUCCESS(RtlGetGroupSecurityDescriptor(SecurityDescriptor, &group, &defaulted)))
securityInformation |= GROUP_SECURITY_INFORMATION;
}
if (SecurityInformation & DACL_SECURITY_INFORMATION)
{
if (NT_SUCCESS(RtlGetDaclSecurityDescriptor(SecurityDescriptor, &present, &dacl, &defaulted)) && present)
securityInformation |= DACL_SECURITY_INFORMATION;
}
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
if (NT_SUCCESS(RtlGetSaclSecurityDescriptor(SecurityDescriptor, &present, &sacl, &defaulted)) && present)
securityInformation |= SACL_SECURITY_INFORMATION;
}
win32Result = SetSecurityInfo(
Handle,
ObjectType,
SecurityInformation,
owner,
group,
dacl,
sacl
);
if (win32Result != ERROR_SUCCESS)
return NTSTATUS_FROM_WIN32(win32Result);
return STATUS_SUCCESS;
}
VOID
EVTFreeSecurityDescriptor(
PSECURITY_DESCRIPTOR_ABSOLUTE pSecDesc
)
{
PSID pOwnerSid = NULL;
BOOLEAN bOwnerDefaulted = FALSE;
PSID pPrimaryGroupSid = NULL;
BOOLEAN bPrimaryGroupDefaulted = FALSE;
PACL pDacl = NULL;
BOOLEAN bDaclPresent = FALSE;
BOOLEAN bDaclDefaulted = FALSE;
PACL pSacl = NULL;
BOOLEAN bSaclPresent = FALSE;
BOOLEAN bSaclDefaulted = FALSE;
if (pSecDesc)
{
RtlGetOwnerSecurityDescriptor(pSecDesc,
&pOwnerSid,
&bOwnerDefaulted);
LW_SAFE_FREE_MEMORY(pOwnerSid);
RtlGetGroupSecurityDescriptor(pSecDesc,
&pPrimaryGroupSid,
&bPrimaryGroupDefaulted);
LW_SAFE_FREE_MEMORY(pPrimaryGroupSid);
RtlGetDaclSecurityDescriptor(pSecDesc,
&bDaclPresent,
&pDacl,
&bDaclDefaulted);
LW_SAFE_FREE_MEMORY(pDacl);
RtlGetSaclSecurityDescriptor(pSecDesc,
&bSaclPresent,
&pSacl,
&bSaclDefaulted);
LW_SAFE_FREE_MEMORY(pSacl);
LW_SAFE_FREE_MEMORY(pSecDesc);
}
}
static
VOID
SrvShareFreeAbsoluteSecurityDescriptor(
IN OUT PSECURITY_DESCRIPTOR_ABSOLUTE *ppSecDesc
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
PSID pOwner = NULL;
PSID pGroup = NULL;
PACL pDacl = NULL;
PACL pSacl = NULL;
BOOLEAN bDefaulted = FALSE;
BOOLEAN bPresent = FALSE;
PSECURITY_DESCRIPTOR_ABSOLUTE pSecDesc = NULL;
if ((ppSecDesc == NULL) || (*ppSecDesc == NULL))
{
return;
}
pSecDesc = *ppSecDesc;
ntStatus = RtlGetOwnerSecurityDescriptor(pSecDesc, &pOwner, &bDefaulted);
ntStatus = RtlGetGroupSecurityDescriptor(pSecDesc, &pGroup, &bDefaulted);
ntStatus = RtlGetDaclSecurityDescriptor(pSecDesc, &bPresent, &pDacl, &bDefaulted);
ntStatus = RtlGetSaclSecurityDescriptor(pSecDesc, &bPresent, &pSacl, &bDefaulted);
ntStatus = ntStatus;
RTL_FREE(&pSecDesc);
RTL_FREE(&pOwner);
RTL_FREE(&pGroup);
RTL_FREE(&pDacl);
RTL_FREE(&pSacl);
*ppSecDesc = NULL;
return;
}
/*
* @implemented
*/
BOOL
WINAPI
GetSecurityDescriptorGroup(PSECURITY_DESCRIPTOR pSecurityDescriptor,
PSID *pGroup,
LPBOOL lpbGroupDefaulted)
{
BOOLEAN GroupDefaulted;
NTSTATUS Status;
Status = RtlGetGroupSecurityDescriptor(pSecurityDescriptor,
pGroup,
&GroupDefaulted);
*lpbGroupDefaulted = (BOOL)GroupDefaulted;
if (!NT_SUCCESS(Status))
{
SetLastError(RtlNtStatusToDosError(Status));
return FALSE;
}
return TRUE;
}
//----------------------------------------------------------------------
//
// NTIMakeAbsoluteSD
//
// Takes a self-relative security descriptor and returns an allocated
// absolute version. Caller is responsibile for freeing the allocated
// buffer on success.
//
//----------------------------------------------------------------------
NTSTATUS NTIMakeAbsoluteSD( PSECURITY_DESCRIPTOR RelSecurityDescriptor,
PSECURITY_DESCRIPTOR *pAbsSecurityDescriptor )
{
NTSTATUS status;
BOOLEAN DaclPresent, DaclDefaulted, OwnerDefaulted, GroupDefaulted;
PACL Dacl;
PSID Owner, Group;
PSECURITY_DESCRIPTOR absSecurityDescriptor;
//
// Initialize buffer pointers
//
absSecurityDescriptor = (PSECURITY_DESCRIPTOR) ExAllocatePool( NonPagedPool, 1024 );
*pAbsSecurityDescriptor = absSecurityDescriptor;
//
// Create an absolute-form security descriptor for manipulation.
// The one on the security descriptor is in self-relative form.
//
status = RtlCreateSecurityDescriptor( absSecurityDescriptor,
SECURITY_DESCRIPTOR_REVISION );
if( !NT_SUCCESS( status ) ) {
DbgPrint(("Secsys: Unable to initialize security descriptor\n"));
goto cleanup;
}
//
// Locate the descriptor's DACL and apply the DACL to the new
// descriptor we're going to modify
//
status = RtlGetDaclSecurityDescriptor( RelSecurityDescriptor,
&DaclPresent,
&Dacl,
&DaclDefaulted );
if( !NT_SUCCESS( status ) || !DaclPresent ) {
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Error obtaining security descriptor's DACL: %x\n", status ));
} else {
DbgPrint(("Secsys: Security descriptor does not have a DACL\n" ));
}
goto cleanup;
}
status = RtlSetDaclSecurityDescriptor( absSecurityDescriptor,
DaclPresent,
Dacl,
DaclDefaulted );
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Coult not set new security descriptor DACL: %x\n", status ));
goto cleanup;
}
//
// We would get and apply the SACL at this point, but NT does not export
// the appropriate function, RtlGetSaclSecurityDescriptor :-(
//
//
// Get and apply the owner
//
status = RtlGetOwnerSecurityDescriptor( RelSecurityDescriptor,
&Owner,
&OwnerDefaulted );
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Could not security descriptor owner: %x\n", Owner ));
goto cleanup;
}
status = RtlSetOwnerSecurityDescriptor( absSecurityDescriptor,
Owner,
OwnerDefaulted );
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Could not set owner: %x\n", status ));
goto cleanup;
}
//
// Get and apply group
//
status = RtlGetGroupSecurityDescriptor( RelSecurityDescriptor,
&Group,
&GroupDefaulted );
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Could not security descriptor group: %x\n", Owner ));
goto cleanup;
}
status = RtlSetGroupSecurityDescriptor( absSecurityDescriptor,
Group,
GroupDefaulted );
if( !NT_SUCCESS( status )) {
DbgPrint(("Secsys: Could not set group: %x\n", status ));
goto cleanup;
}
//
// Finally, make sure that what we made is valid
//
if( !RtlValidSecurityDescriptor( absSecurityDescriptor )) {
DbgPrint(("Secsys: absolute descriptor not valid!\n"));
status = STATUS_UNSUCCESSFUL;
}
//
// Done! Return.
//
cleanup:
if( !NT_SUCCESS( status ) ) {
ExFreePool( absSecurityDescriptor );
}
return status;
}
NTSTATUS
SrvShareSetSecurity(
IN PSRV_SHARE_INFO pShareInfo,
IN PSECURITY_DESCRIPTOR_RELATIVE pIncRelSecDesc,
IN ULONG ulIncRelSecDescLen
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
PSECURITY_DESCRIPTOR_ABSOLUTE pIncAbsSecDesc = NULL;
PSECURITY_DESCRIPTOR_ABSOLUTE pFinalAbsSecDesc = NULL;
PSECURITY_DESCRIPTOR_RELATIVE pFinalRelSecDesc = NULL;
ULONG ulFinalRelSecDescLen = 0;
SECURITY_INFORMATION secInfo = 0;
PSID pOwner = NULL;
PSID pGroup = NULL;
PACL pDacl = NULL;
PACL pSacl = NULL;
BOOLEAN bDefaulted = FALSE;
BOOLEAN bPresent = FALSE;
GENERIC_MAPPING GenericMap = {
.GenericRead = FILE_GENERIC_READ,
.GenericWrite = FILE_GENERIC_WRITE,
.GenericExecute = FILE_GENERIC_EXECUTE,
.GenericAll = FILE_ALL_ACCESS };
/* Sanity checks */
if ((pIncRelSecDesc == NULL) || (ulIncRelSecDescLen == 0))
{
ntStatus = STATUS_INVALID_PARAMETER;
BAIL_ON_NT_STATUS(ntStatus);
}
if (pShareInfo->ulSecDescLen == 0)
{
ntStatus = SrvShareSetDefaultSecurity(pShareInfo);
BAIL_ON_NT_STATUS(ntStatus);
}
/* Make the Absolute version of thr incoming SD and
get the SecurityInformation */
ntStatus = SrvShareCreateAbsoluteSecDescFromRel(
&pIncAbsSecDesc,
pIncRelSecDesc) ;
BAIL_ON_NT_STATUS(ntStatus);
/* Don't bail on these. We'll be checking the pointer */
ntStatus = RtlGetOwnerSecurityDescriptor(
pIncAbsSecDesc,
&pOwner,
&bDefaulted);
secInfo |= pOwner ? OWNER_SECURITY_INFORMATION : 0;
ntStatus = RtlGetGroupSecurityDescriptor(
pIncAbsSecDesc,
&pGroup,
&bDefaulted);
secInfo |= pGroup ? GROUP_SECURITY_INFORMATION : 0;
ntStatus = RtlGetDaclSecurityDescriptor(
pIncAbsSecDesc,
&bPresent,
&pDacl,
&bDefaulted);
secInfo |= pDacl ? DACL_SECURITY_INFORMATION : 0;
ntStatus = RtlGetSaclSecurityDescriptor(
pIncAbsSecDesc,
&bPresent,
&pSacl,
&bDefaulted);
secInfo |= pSacl ? SACL_SECURITY_INFORMATION : 0;
/* Assume the new length is not longer than the combined length
of both the current and incoming relative SecDesc buffers */
ulFinalRelSecDescLen = ulIncRelSecDescLen + pShareInfo->ulSecDescLen;
ntStatus = SrvAllocateMemory(
ulFinalRelSecDescLen,
(PVOID*)&pFinalRelSecDesc);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlSetSecurityDescriptorInfo(
secInfo,
pIncRelSecDesc,
pShareInfo->pSecDesc,
pFinalRelSecDesc,
&ulFinalRelSecDescLen,
&GenericMap);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = SrvShareCreateAbsoluteSecDescFromRel(
&pFinalAbsSecDesc,
pFinalRelSecDesc) ;
BAIL_ON_NT_STATUS(ntStatus);
/* Free the old SecDesc and save the new one */
SrvShareFreeSecurity(pShareInfo);
pShareInfo->pSecDesc = pFinalRelSecDesc;
pShareInfo->ulSecDescLen = ulFinalRelSecDescLen;
pShareInfo->pAbsSecDesc = pFinalAbsSecDesc;
ntStatus = STATUS_SUCCESS;
cleanup:
if (pIncAbsSecDesc)
{
SrvShareFreeAbsoluteSecurityDescriptor(&pIncAbsSecDesc);
}
return ntStatus;
error:
if (pFinalRelSecDesc)
{
SrvFreeMemory(pFinalRelSecDesc);
}
if (pFinalAbsSecDesc)
{
SrvShareFreeAbsoluteSecurityDescriptor(&pFinalAbsSecDesc);
}
goto cleanup;
}
static
NTSTATUS
LsaSrvQueryPolicySecurity(
PPOLICY_CONTEXT pAccountContext,
SECURITY_INFORMATION SecurityInformation,
PSECURITY_DESCRIPTOR_RELATIVE *ppSecurityDescRelative,
PDWORD pSecurityDescRelativeSize
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
DWORD err = ERROR_SUCCESS;
PSECURITY_DESCRIPTOR_ABSOLUTE pSecDesc = gpLsaSecDesc;
PSECURITY_DESCRIPTOR_ABSOLUTE pSecurityDesc = NULL;
PSECURITY_DESCRIPTOR_RELATIVE pSecurityDescRelative = NULL;
DWORD securityDescRelativeSize = 0;
err = LwAllocateMemory(
SECURITY_DESCRIPTOR_ABSOLUTE_MIN_SIZE,
OUT_PPVOID(&pSecurityDesc));
BAIL_ON_LSA_ERROR(err);
ntStatus = RtlCreateSecurityDescriptorAbsolute(
pSecurityDesc,
SECURITY_DESCRIPTOR_REVISION);
BAIL_ON_NT_STATUS(ntStatus);
if (SecurityInformation & OWNER_SECURITY_INFORMATION)
{
PSID owner = NULL;
BOOLEAN defaulted = FALSE;
ntStatus = RtlGetOwnerSecurityDescriptor(
pSecDesc,
&owner,
&defaulted);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlSetOwnerSecurityDescriptor(
pSecurityDesc,
owner,
defaulted);
BAIL_ON_NT_STATUS(ntStatus);
}
if (SecurityInformation & GROUP_SECURITY_INFORMATION)
{
PSID group = NULL;
BOOLEAN defaulted = FALSE;
ntStatus = RtlGetGroupSecurityDescriptor(
pSecDesc,
&group,
&defaulted);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlSetGroupSecurityDescriptor(
pSecurityDesc,
group,
defaulted);
BAIL_ON_NT_STATUS(ntStatus);
}
if (SecurityInformation & DACL_SECURITY_INFORMATION)
{
PACL pDacl = NULL;
BOOLEAN daclPresent = FALSE;
BOOLEAN defaulted = FALSE;
ntStatus = RtlGetDaclSecurityDescriptor(
pSecDesc,
&daclPresent,
&pDacl,
&defaulted);
BAIL_ON_NT_STATUS(ntStatus);
if (daclPresent)
{
ntStatus = RtlSetDaclSecurityDescriptor(
pSecurityDesc,
daclPresent,
pDacl,
defaulted);
BAIL_ON_NT_STATUS(ntStatus);
}
}
if (SecurityInformation & SACL_SECURITY_INFORMATION)
{
PACL pSacl = NULL;
BOOLEAN saclPresent = FALSE;
BOOLEAN defaulted = FALSE;
ntStatus = RtlGetSaclSecurityDescriptor(
pSecDesc,
&saclPresent,
&pSacl,
&defaulted);
BAIL_ON_NT_STATUS(ntStatus);
if (saclPresent)
{
ntStatus = RtlSetSaclSecurityDescriptor(
pSecurityDesc,
saclPresent,
pSacl,
defaulted);
BAIL_ON_NT_STATUS(ntStatus);
}
}
ntStatus = RtlAbsoluteToSelfRelativeSD(
pSecurityDesc,
pSecurityDescRelative,
&securityDescRelativeSize);
if (ntStatus == STATUS_BUFFER_TOO_SMALL)
{
ntStatus = STATUS_SUCCESS;
}
else if (ntStatus != STATUS_SUCCESS)
{
BAIL_ON_NT_STATUS(ntStatus);
}
ntStatus = LsaSrvAllocateMemory(
OUT_PPVOID(&pSecurityDescRelative),
securityDescRelativeSize);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlAbsoluteToSelfRelativeSD(
pSecurityDesc,
pSecurityDescRelative,
&securityDescRelativeSize);
BAIL_ON_NT_STATUS(ntStatus);
*ppSecurityDescRelative = pSecurityDescRelative;
*pSecurityDescRelativeSize = securityDescRelativeSize;
error:
if (err || ntStatus)
{
if (pSecurityDescRelative)
{
LsaSrvFreeMemory(pSecurityDescRelative);
}
*ppSecurityDescRelative = NULL;
*pSecurityDescRelativeSize = 0;
}
LW_SAFE_FREE_MEMORY(pSecurityDesc);
if (ntStatus == STATUS_SUCCESS &&
err != ERROR_SUCCESS)
{
ntStatus = LwWin32ErrorToNtStatus(err);
}
return ntStatus;
}
VOID
LocalDirFreeSecurityDescriptor(
PSECURITY_DESCRIPTOR_ABSOLUTE *ppSecDesc
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
PSECURITY_DESCRIPTOR_ABSOLUTE pSecDesc = NULL;
PSID pOwnerSid = NULL;
BOOLEAN bOwnerDefaulted = FALSE;
PSID pPrimaryGroupSid = NULL;
BOOLEAN bPrimaryGroupDefaulted = FALSE;
PACL pDacl = NULL;
BOOLEAN bDaclPresent = FALSE;
BOOLEAN bDaclDefaulted = FALSE;
PACL pSacl = NULL;
BOOLEAN bSaclPresent = FALSE;
BOOLEAN bSaclDefaulted = FALSE;
if (ppSecDesc == NULL ||
*ppSecDesc == NULL)
{
return;
}
pSecDesc = *ppSecDesc;
ntStatus = RtlGetOwnerSecurityDescriptor(pSecDesc,
&pOwnerSid,
&bOwnerDefaulted);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlGetGroupSecurityDescriptor(pSecDesc,
&pPrimaryGroupSid,
&bPrimaryGroupDefaulted);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlGetDaclSecurityDescriptor(pSecDesc,
&bDaclPresent,
&pDacl,
&bDaclDefaulted);
BAIL_ON_NT_STATUS(ntStatus);
ntStatus = RtlGetSaclSecurityDescriptor(pSecDesc,
&bSaclPresent,
&pSacl,
&bSaclDefaulted);
BAIL_ON_NT_STATUS(ntStatus);
error:
LW_SAFE_FREE_MEMORY(pOwnerSid);
LW_SAFE_FREE_MEMORY(pPrimaryGroupSid);
if (bDaclPresent)
{
LW_SAFE_FREE_MEMORY(pDacl);
}
if (bSaclPresent)
{
LW_SAFE_FREE_MEMORY(pSacl);
}
LW_SAFE_FREE_MEMORY(pSecDesc);
*ppSecDesc = NULL;
}
/* creates a struct security_descriptor and contained information in one contiguous piece of memory */
NTSTATUS NTDLL_create_struct_sd(PSECURITY_DESCRIPTOR nt_sd, struct security_descriptor **server_sd,
data_size_t *server_sd_len)
{
unsigned int len;
PSID owner, group;
ACL *dacl, *sacl;
BOOLEAN owner_present, group_present, dacl_present, sacl_present;
BOOLEAN defaulted;
NTSTATUS status;
unsigned char *ptr;
if (!nt_sd)
{
*server_sd = NULL;
*server_sd_len = 0;
return STATUS_SUCCESS;
}
len = sizeof(struct security_descriptor);
status = RtlGetOwnerSecurityDescriptor(nt_sd, &owner, &owner_present);
if (status != STATUS_SUCCESS) return status;
status = RtlGetGroupSecurityDescriptor(nt_sd, &group, &group_present);
if (status != STATUS_SUCCESS) return status;
status = RtlGetSaclSecurityDescriptor(nt_sd, &sacl_present, &sacl, &defaulted);
if (status != STATUS_SUCCESS) return status;
status = RtlGetDaclSecurityDescriptor(nt_sd, &dacl_present, &dacl, &defaulted);
if (status != STATUS_SUCCESS) return status;
if (owner_present)
len += RtlLengthSid(owner);
if (group_present)
len += RtlLengthSid(group);
if (sacl_present && sacl)
len += sacl->AclSize;
if (dacl_present && dacl)
len += dacl->AclSize;
/* fix alignment for the Unicode name that follows the structure */
len = (len + sizeof(WCHAR) - 1) & ~(sizeof(WCHAR) - 1);
*server_sd = RtlAllocateHeap(GetProcessHeap(), 0, len);
if (!*server_sd) return STATUS_NO_MEMORY;
(*server_sd)->control = ((SECURITY_DESCRIPTOR *)nt_sd)->Control & ~SE_SELF_RELATIVE;
(*server_sd)->owner_len = owner_present ? RtlLengthSid(owner) : 0;
(*server_sd)->group_len = group_present ? RtlLengthSid(group) : 0;
(*server_sd)->sacl_len = (sacl_present && sacl) ? sacl->AclSize : 0;
(*server_sd)->dacl_len = (dacl_present && dacl) ? dacl->AclSize : 0;
ptr = (unsigned char *)(*server_sd + 1);
memcpy(ptr, owner, (*server_sd)->owner_len);
ptr += (*server_sd)->owner_len;
memcpy(ptr, group, (*server_sd)->group_len);
ptr += (*server_sd)->group_len;
memcpy(ptr, sacl, (*server_sd)->sacl_len);
ptr += (*server_sd)->sacl_len;
memcpy(ptr, dacl, (*server_sd)->dacl_len);
*server_sd_len = len;
return STATUS_SUCCESS;
}
NTSTATUS
PvfsSetSecurityDescriptorFile(
IN PPVFS_CCB pCcb,
IN SECURITY_INFORMATION SecInfo,
IN PSECURITY_DESCRIPTOR_RELATIVE pSecDesc,
IN ULONG SecDescLength
)
{
NTSTATUS ntError = STATUS_ACCESS_DENIED;
PSECURITY_DESCRIPTOR_RELATIVE pFinalSecDesc = NULL;
ULONG ulFinalSecDescLength = 0;
SECURITY_INFORMATION SecInfoAll = (OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
DACL_SECURITY_INFORMATION |
SACL_SECURITY_INFORMATION);
BYTE pCurrentSecDescBuffer[SECURITY_DESCRIPTOR_RELATIVE_MAX_SIZE];
ULONG ulCurrentSecDescLength = SECURITY_DESCRIPTOR_RELATIVE_MAX_SIZE;
BYTE pNewSecDescBuffer[SECURITY_DESCRIPTOR_RELATIVE_MAX_SIZE];
ULONG ulNewSecDescLength = SECURITY_DESCRIPTOR_RELATIVE_MAX_SIZE;
PSECURITY_DESCRIPTOR_ABSOLUTE pIncAbsSecDesc = NULL;
union {
TOKEN_OWNER TokenOwnerInfo;
BYTE Buffer[SID_MAX_SIZE];
} TokenOwnerBuffer;
PTOKEN_OWNER pTokenOwnerInformation = (PTOKEN_OWNER)&TokenOwnerBuffer;
ULONG ulTokenOwnerLength = 0;
union {
SID Sid;
BYTE Buffer[SID_MAX_SIZE];
} LocalSystemSidBuffer;
PSID pLocalSystemSid = (PSID)&LocalSystemSidBuffer;
ULONG ulLocalSystemSidLength = sizeof(LocalSystemSidBuffer);
memset(pCurrentSecDescBuffer, 0, SECURITY_DESCRIPTOR_RELATIVE_MAX_SIZE);
memset(pNewSecDescBuffer, 0, SECURITY_DESCRIPTOR_RELATIVE_MAX_SIZE);
memset(TokenOwnerBuffer.Buffer, 0, SID_MAX_SIZE);
/* Sanity checks */
if (SecInfo == 0)
{
ntError = STATUS_INVALID_PARAMETER;
BAIL_ON_NT_STATUS(ntError);
}
/* If the new Security Descriptor contains owner or group SID
information, berify that the user's ACCESS_TOKEN contains the
SID as a member */
if (SecInfo & (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION))
{
PSID pOwner = NULL;
PSID pGroup = NULL;
BOOLEAN bDefaulted = FALSE;
ntError = PvfsSecurityAclSelfRelativeToAbsoluteSD(
&pIncAbsSecDesc,
pSecDesc);
BAIL_ON_NT_STATUS(ntError);
ntError = RtlQueryAccessTokenInformation(
pCcb->pUserToken,
TokenOwner,
(PVOID)pTokenOwnerInformation,
sizeof(TokenOwnerBuffer),
&ulTokenOwnerLength);
BAIL_ON_NT_STATUS(ntError);
ntError = RtlCreateWellKnownSid(
WinLocalSystemSid,
NULL,
pLocalSystemSid,
&ulLocalSystemSidLength);
BAIL_ON_NT_STATUS(ntError);
if (SecInfo & OWNER_SECURITY_INFORMATION)
{
ntError = RtlGetOwnerSecurityDescriptor(
pIncAbsSecDesc,
&pOwner,
&bDefaulted);
BAIL_ON_NT_STATUS(ntError);
if (!RtlIsSidMemberOfToken(pCcb->pUserToken, pOwner) &&
!RtlEqualSid(pLocalSystemSid, pTokenOwnerInformation->Owner))
{
ntError = STATUS_ACCESS_DENIED;
BAIL_ON_NT_STATUS(ntError);
}
}
if (SecInfo & GROUP_SECURITY_INFORMATION)
{
ntError = RtlGetGroupSecurityDescriptor(
pIncAbsSecDesc,
&pGroup,
&bDefaulted);
BAIL_ON_NT_STATUS(ntError);
if (!RtlIsSidMemberOfToken(pCcb->pUserToken, pGroup) &&
!RtlEqualSid(pLocalSystemSid, pTokenOwnerInformation->Owner))
{
ntError = STATUS_ACCESS_DENIED;
BAIL_ON_NT_STATUS(ntError);
}
}
}
if (SecInfo == SecInfoAll)
{
/* We already have a fully formed Security Descriptor */
pFinalSecDesc = pSecDesc;
ulFinalSecDescLength = SecDescLength;
}
else
{
/* Retrieve the existing SD and merge with the incoming one */
ntError = PvfsGetSecurityDescriptorFile(
pCcb,
SecInfoAll,
(PSECURITY_DESCRIPTOR_RELATIVE)pCurrentSecDescBuffer,
&ulCurrentSecDescLength);
BAIL_ON_NT_STATUS(ntError);
/* Assume that the new SD is <= the combined size of the current
SD and the incoming one */
ntError = RtlSetSecurityDescriptorInfo(
SecInfo,
pSecDesc,
(PSECURITY_DESCRIPTOR_RELATIVE)pCurrentSecDescBuffer,
(PSECURITY_DESCRIPTOR_RELATIVE)pNewSecDescBuffer,
&ulNewSecDescLength,
&gPvfsFileGenericMapping);
BAIL_ON_NT_STATUS(ntError);
pFinalSecDesc = (PSECURITY_DESCRIPTOR_RELATIVE)pNewSecDescBuffer;
ulFinalSecDescLength = ulNewSecDescLength;
}
/* Save the combined SD */
#ifdef HAVE_EA_SUPPORT
ntError = PvfsSetSecurityDescriptorFileXattr(
pCcb,
pFinalSecDesc,
ulFinalSecDescLength);
#else
ntError = PvfsSetSecurityDescriptorPosix(
pCcb,
pFinalSecDesc,
ulFinalSecDescLength);
#endif
BAIL_ON_NT_STATUS(ntError);
PvfsNotifyScheduleFullReport(
pCcb->pFcb,
FILE_NOTIFY_CHANGE_SECURITY,
FILE_ACTION_MODIFIED,
pCcb->pszFilename);
cleanup:
if (pIncAbsSecDesc)
{
PvfsFreeAbsoluteSecurityDescriptor(&pIncAbsSecDesc);
}
return ntError;
error:
goto cleanup;
}
static
VOID
CheckDirectorySecurity__(
_In_ PCWSTR DirectoryName,
_In_ PSID ExpectedOwner,
_In_ PSID ExpectedGroup,
_In_ ULONG AceCount,
_In_ PCSTR FileAndLine,
...)
{
NTSTATUS Status;
UNICODE_STRING DirectoryNameString;
OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE DirectoryHandle;
PSECURITY_DESCRIPTOR SecurityDescriptor;
ULONG SecurityDescriptorSize;
PSID Owner;
PSID Group;
PACL Dacl;
PACL Sacl;
BOOLEAN Present;
BOOLEAN Defaulted;
va_list Arguments;
RtlInitUnicodeString(&DirectoryNameString, DirectoryName);
InitializeObjectAttributes(&ObjectAttributes,
&DirectoryNameString,
OBJ_KERNEL_HANDLE,
NULL,
NULL);
Status = ZwOpenDirectoryObject(&DirectoryHandle,
READ_CONTROL | ACCESS_SYSTEM_SECURITY,
&ObjectAttributes);
ok_eq_hex(Status, STATUS_SUCCESS);
if (skip(NT_SUCCESS(Status), "No directory (%ls)\n", DirectoryName))
{
return;
}
Status = ZwQuerySecurityObject(DirectoryHandle,
OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
NULL,
0,
&SecurityDescriptorSize);
ok_eq_hex(Status, STATUS_BUFFER_TOO_SMALL);
if (skip(Status == STATUS_BUFFER_TOO_SMALL, "No security size (%ls)\n", DirectoryName))
{
ObCloseHandle(DirectoryHandle, KernelMode);
return;
}
SecurityDescriptor = ExAllocatePoolWithTag(PagedPool,
SecurityDescriptorSize,
'dSmK');
ok(SecurityDescriptor != NULL, "Failed to allocate %lu bytes\n", SecurityDescriptorSize);
if (skip(SecurityDescriptor != NULL, "No memory for descriptor (%ls)\n", DirectoryName))
{
ObCloseHandle(DirectoryHandle, KernelMode);
return;
}
Status = ZwQuerySecurityObject(DirectoryHandle,
OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
SecurityDescriptor,
SecurityDescriptorSize,
&SecurityDescriptorSize);
ok_eq_hex(Status, STATUS_SUCCESS);
if (NT_SUCCESS(Status))
{
Owner = NULL;
Status = RtlGetOwnerSecurityDescriptor(SecurityDescriptor,
&Owner,
&Defaulted);
if (ExpectedOwner)
CheckSid__(Owner, NO_SIZE, ExpectedOwner, FileAndLine);
ok(Defaulted == FALSE, "Owner defaulted for %ls\n", DirectoryName);
Group = NULL;
Status = RtlGetGroupSecurityDescriptor(SecurityDescriptor,
&Group,
&Defaulted);
if (ExpectedGroup)
CheckSid__(Group, NO_SIZE, ExpectedGroup, FileAndLine);
ok(Defaulted == FALSE, "Group defaulted for %ls\n", DirectoryName);
Dacl = NULL;
Status = RtlGetDaclSecurityDescriptor(SecurityDescriptor,
&Present,
&Dacl,
&Defaulted);
ok_eq_hex(Status, STATUS_SUCCESS);
ok(Present == TRUE, "DACL not present for %ls\n", DirectoryName);
ok(Defaulted == FALSE, "DACL defaulted for %ls\n", DirectoryName);
va_start(Arguments, FileAndLine);
VCheckAcl__(Dacl, AceCount, FileAndLine, Arguments);
va_end(Arguments);
Sacl = NULL;
Status = RtlGetSaclSecurityDescriptor(SecurityDescriptor,
&Present,
&Sacl,
&Defaulted);
ok_eq_hex(Status, STATUS_SUCCESS);
ok(Present == FALSE, "SACL present for %ls\n", DirectoryName);
ok(Defaulted == FALSE, "SACL defaulted for %ls\n", DirectoryName);
ok(Sacl == NULL, "Sacl is %p for %ls\n", Sacl, DirectoryName);
}
ExFreePoolWithTag(SecurityDescriptor, 'dSmK');
ObCloseHandle(DirectoryHandle, KernelMode);
}