HANDLE _CreateFile( LPCTSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile ) { SECURITY_DESCRIPTOR sd; SECURITY_ATTRIBUTES sa; memset(&sd,0,sizeof(sd)); InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); memset(&sa,0,sizeof(sa)); sa.nLength=sizeof(sa); sa.lpSecurityDescriptor=&sd; return ::CreateFile( lpFileName, dwDesiredAccess, dwShareMode, &sa, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile ); }
int InitBranding() { char *s; s = (char *)GlobalAlloc(GPTR,lstrlen(EXENAME)+10); wsprintf(s,"%s /version",EXENAME); { STARTUPINFO si= {sizeof(si),}; SECURITY_ATTRIBUTES sa= {sizeof(sa),}; SECURITY_DESCRIPTOR sd= {0,}; PROCESS_INFORMATION pi= {0,}; HANDLE newstdout=0,read_stdout=0; OSVERSIONINFO osv= {sizeof(osv)}; GetVersionEx(&osv); if (osv.dwPlatformId == VER_PLATFORM_WIN32_NT) { InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd,true,NULL,false); sa.lpSecurityDescriptor = &sd; } else sa.lpSecurityDescriptor = NULL; sa.bInheritHandle = true; if (!CreatePipe(&read_stdout,&newstdout,&sa,0)) { return 0; } GetStartupInfo(&si); si.dwFlags = STARTF_USESTDHANDLES|STARTF_USESHOWWINDOW; si.wShowWindow = SW_HIDE; si.hStdOutput = newstdout; si.hStdError = newstdout; if (!CreateProcess(NULL,s,NULL,NULL,TRUE,CREATE_NEW_CONSOLE,NULL,NULL,&si,&pi)) { CloseHandle(newstdout); CloseHandle(read_stdout); return 0; } char szBuf[1024]; DWORD dwRead = 1; DWORD dwExit = !STILL_ACTIVE; if (WaitForSingleObject(pi.hProcess,10000)!=WAIT_OBJECT_0) { return 0; } ReadFile(read_stdout, szBuf, sizeof(szBuf)-1, &dwRead, NULL); szBuf[dwRead] = 0; if (lstrlen(szBuf)==0) return 0; g_sdata.branding = (char *)GlobalAlloc(GPTR,lstrlen(szBuf)+6); wsprintf(g_sdata.branding,"NSIS %s",szBuf); g_sdata.brandingv = (char *)GlobalAlloc(GPTR,lstrlen(szBuf)+1); lstrcpy(g_sdata.brandingv,szBuf); GlobalFree(s); } return 1; }
static void SetTokenObjectIntegrityLevel(DWORD dwIntegrityLevel) { SID_IDENTIFIER_AUTHORITY Sia = SECURITY_MANDATORY_LABEL_AUTHORITY; SECURITY_DESCRIPTOR sd; HANDLE hToken; DWORD dwLength; PACL pAcl; PSID pSid; // Do nothing on OSes where mandatory ACEs are not supported if(pfnAddMandatoryAce == NULL) return; // Initialize blank security descriptor if(!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION)) return; // Allocate mandatory label SID if(!AllocateAndInitializeSid(&Sia, 1, dwIntegrityLevel, 0, 0, 0, 0, 0, 0, 0, &pSid)) return; // Open current token if(!OpenThreadToken(GetCurrentThread(), WRITE_OWNER, TRUE, &hToken)) { if(GetLastError() == ERROR_NO_TOKEN) OpenProcessToken(GetCurrentProcess(), WRITE_OWNER, &hToken); } // If succeeded, set the integrity level if(hToken != NULL) { // Create ACL dwLength = sizeof(ACL) + sizeof(SYSTEM_MANDATORY_LABEL_ACE) - sizeof(DWORD) + GetLengthSid(pSid); pAcl = (PACL)HeapAlloc(g_hHeap, 0, dwLength); if(pAcl != NULL) { if(InitializeAcl(pAcl, dwLength, ACL_REVISION)) { if(pfnAddMandatoryAce(pAcl, ACL_REVISION, 0, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP, pSid)) { NtSetSecurityObject(hToken, LABEL_SECURITY_INFORMATION, &sd); } } HeapFree(g_hHeap, 0, pAcl); } } FreeSid(pSid); }
bool init_security_attributes_allow_all (struct security_attributes *obj) { CLEAR (*obj); obj->sa.nLength = sizeof (SECURITY_ATTRIBUTES); obj->sa.lpSecurityDescriptor = &obj->sd; obj->sa.bInheritHandle = TRUE; if (!InitializeSecurityDescriptor (&obj->sd, SECURITY_DESCRIPTOR_REVISION)) return false; if (!SetSecurityDescriptorDacl (&obj->sd, TRUE, NULL, FALSE)) return false; return true; }
HANDLE _CreateFileMapping( HANDLE hFile, DWORD flProtect, DWORD dwMaximumSizeHigh, DWORD dwMaximumSizeLow, LPCTSTR lpName) { SECURITY_DESCRIPTOR sd; SECURITY_ATTRIBUTES sa; memset(&sd,0,sizeof(sd)); InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); memset(&sa,0,sizeof(sa)); sa.nLength=sizeof(sa); sa.lpSecurityDescriptor=&sd; return ::CreateFileMapping( hFile, &sa, flProtect, dwMaximumSizeHigh, dwMaximumSizeLow, lpName); }
HANDLE _CreateNamedPipe( LPCTSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD nMaxInstances, DWORD nOutBufferSize, DWORD nInBufferSize, DWORD nDefaultTimeOut ) { SECURITY_DESCRIPTOR sd; SECURITY_ATTRIBUTES sa; memset(&sd,0,sizeof(sd)); InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); memset(&sa,0,sizeof(sa)); sa.nLength=sizeof(sa); sa.lpSecurityDescriptor=&sd; return ::CreateNamedPipe( lpName, dwOpenMode, dwPipeMode, nMaxInstances, nOutBufferSize, nInBufferSize, nDefaultTimeOut, &sa ); }
// Для запуска только одного экземпляра банера // создаем мютекс.Если он уже создан - значит // уже банерная часть уже загружена и работает. HANDLE CreateBannerInstanceMutex() { SECURITY_ATTRIBUTES sa; SECURITY_DESCRIPTOR sd; InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); sa.nLength = sizeof (SECURITY_ATTRIBUTES); sa.lpSecurityDescriptor = &sd; sa.bInheritHandle = FALSE; return ::CreateMutex(&sa, FALSE, L"Global\\DCCFF93F3ACC4B2F8B4957A6A47D7DFE"); }
HANDLE CreateStartedEvent() { SECURITY_ATTRIBUTES sa; SECURITY_DESCRIPTOR sd; InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); sa.nLength = sizeof (SECURITY_ATTRIBUTES); sa.lpSecurityDescriptor = &sd; sa.bInheritHandle = FALSE; return ::CreateEvent(&sa, TRUE, FALSE, L"Global\\CC64BD66BCA1444C86FC0D8019E381E9"); }
HANDLE _CreateMutex( BOOL bInitialOwner, LPCTSTR lpName ) { SECURITY_DESCRIPTOR sd; SECURITY_ATTRIBUTES sa; memset(&sd,0,sizeof(sd)); InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); memset(&sa,0,sizeof(sa)); sa.nLength=sizeof(sa); sa.lpSecurityDescriptor=&sd; return ::CreateMutex( &sa, bInitialOwner, lpName ); }
isc_result_t isc_fsaccess_changeowner(const char *filename, const char *user) { SECURITY_DESCRIPTOR psd; BYTE sidBuffer[500]; BYTE groupBuffer[500]; PSID psid=(PSID) &sidBuffer; DWORD sidBufferSize = sizeof(sidBuffer); char domainBuffer[100]; DWORD domainBufferSize = sizeof(domainBuffer); SID_NAME_USE snu; PSID pSidGroup = (PSID) &groupBuffer; DWORD groupBufferSize = sizeof(groupBuffer); /* * Determine if this is a FAT or NTFS disk and * call the appropriate function to set the ownership * FAT disks do not have ownership attributes so it's * a noop. */ if (is_ntfs(filename) == FALSE) return (ISC_R_SUCCESS); if (!InitializeSecurityDescriptor(&psd, SECURITY_DESCRIPTOR_REVISION)) return (ISC_R_NOPERM); if (!LookupAccountName(0, user, psid, &sidBufferSize, domainBuffer, &domainBufferSize, &snu)) return (ISC_R_NOPERM); /* Make sure administrators can get to it */ domainBufferSize = sizeof(domainBuffer); if (!LookupAccountName(0, "Administrators", pSidGroup, &groupBufferSize, domainBuffer, &domainBufferSize, &snu)) return (ISC_R_NOPERM); if (!SetSecurityDescriptorOwner(&psd, psid, FALSE)) return (ISC_R_NOPERM); if (!SetSecurityDescriptorGroup(&psd, pSidGroup, FALSE)) return (ISC_R_NOPERM); if (!SetFileSecurity(filename, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION, &psd)) return (ISC_R_NOPERM); return (ISC_R_SUCCESS); }
/** * Initializes the IPC communication. * * @return IPRT status code. * @param pEnv The IPC service's environment. * @param ppInstance The instance pointer which refer to this object. * @param pfStartThread Pointer to flag whether the IPC service can be started or not. */ int VBoxIPCInit(const VBOXSERVICEENV *pEnv, void **ppInstance, bool *pfStartThread) { Log(("VBoxTray: VBoxIPCInit\n")); *pfStartThread = false; gCtx.pEnv = pEnv; int rc = VINF_SUCCESS; SECURITY_ATTRIBUTES sa; sa.lpSecurityDescriptor = (PSECURITY_DESCRIPTOR)RTMemAlloc(SECURITY_DESCRIPTOR_MIN_LENGTH); if (!sa.lpSecurityDescriptor) rc = VERR_NO_MEMORY; else { if (!InitializeSecurityDescriptor(sa.lpSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION)) rc = RTErrConvertFromWin32(GetLastError()); else { if (!SetSecurityDescriptorDacl(sa.lpSecurityDescriptor, TRUE, (PACL)0, FALSE)) rc = RTErrConvertFromWin32(GetLastError()); else { sa.nLength = sizeof(sa); sa.bInheritHandle = TRUE; } } if (RT_SUCCESS(rc)) { gCtx.hPipe = CreateNamedPipe((LPSTR)VBOXTRAY_PIPE_IPC, PIPE_ACCESS_DUPLEX, PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT, PIPE_UNLIMITED_INSTANCES, VBOXTRAY_PIPE_IPC_BUFSIZE, /* Output buffer size. */ VBOXTRAY_PIPE_IPC_BUFSIZE, /* Input buffer size. */ NMPWAIT_USE_DEFAULT_WAIT, &sa); if (gCtx.hPipe == INVALID_HANDLE_VALUE) rc = RTErrConvertFromWin32(GetLastError()); else { *pfStartThread = true; *ppInstance = &gCtx; } } RTMemFree(sa.lpSecurityDescriptor); } return rc; }
SECURITY_ATTRIBUTES SecurDescr::CreateSID() { SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY; AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pEveryoneSID); ZeroMemory(ea, 2 * sizeof(EXPLICIT_ACCESS)); ea[0].grfAccessPermissions = FILE_GENERIC_READ | FILE_GENERIC_WRITE | SYNCHRONIZE; ea[0].grfAccessMode = SET_ACCESS; ea[0].grfInheritance= NO_INHERITANCE; ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP; ea[0].Trustee.ptstrName = (LPTSTR) pEveryoneSID; AllocateAndInitializeSid(&SIDAuthNT, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pAdminSID); ea[1].grfAccessPermissions = FILE_GENERIC_READ | FILE_GENERIC_WRITE | SYNCHRONIZE; ea[1].grfAccessMode = SET_ACCESS; ea[1].grfInheritance= NO_INHERITANCE; ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; ea[1].Trustee.ptstrName = (LPTSTR) pAdminSID; SetEntriesInAcl(2, ea, NULL, &pACL); pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(pSD, TRUE, // bDaclPresent flag pACL, FALSE); sa.nLength = sizeof (SECURITY_ATTRIBUTES); sa.lpSecurityDescriptor = pSD; sa.bInheritHandle = FALSE; return sa; }
int CreateIpcTable() { /*2000.9.4 add---------------------------------------------------------------*/ SECURITY_ATTRIBUTES FileMappingAttributes; SECURITY_DESCRIPTOR SecuDesc; #ifdef TERMINAL_SERVICE char *evtname; #endif /* TERMINAL_SERVICE */ InitializeSecurityDescriptor( &SecuDesc, SECURITY_DESCRIPTOR_REVISION ); SetSecurityDescriptorDacl( &SecuDesc, TRUE, NULL, FALSE ); FileMappingAttributes.nLength = sizeof(FileMappingAttributes); l_ipclog("[ipcd] CreateIpcTable, FileMappingAttributes.nLength = %d\n", FileMappingAttributes.nLength); FileMappingAttributes.lpSecurityDescriptor = &SecuDesc; /*2000.9.4 end---------------------------------------------------------------*/ #ifdef TERMINAL_SERVICE if( osvi.dwMajorVersion >= 5 ) /* Windows 2000 */ evtname = "Global\\ipct"; else evtname = "ipct"; #endif /* TERMINAL_SERVICE */ /*2000.9.4 change. NULL -> &FileMappingAttributes */ hIpc=CreateFileMapping( (HANDLE)0xFFFFFFFF, &FileMappingAttributes, #ifdef TERMINAL_SERVICE PAGE_READWRITE, 0, sizeof(IPCT), evtname ); #else PAGE_READWRITE, 0, sizeof(IPCT), "ipct" ); #endif /* TERMINAL_SERVICE */ if (hIpc==NULL) { errno=GetLastError(); return -1; } ipct=(IPCT *)MapViewOfFile(hIpc, FILE_MAP_ALL_ACCESS, 0, 0, 0); if (ipct==NULL) { errno=GetLastError(); return -1; } InitIPCT(); return 0; }
HANDLE _CreateFile( LPCTSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile ) { SECURITY_DESCRIPTOR sd; SECURITY_ATTRIBUTES sa; memset(&sd,0,sizeof(sd)); InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); memset(&sa,0,sizeof(sa)); sa.nLength=sizeof(sa); sa.lpSecurityDescriptor=&sd; /* PACL pDacl; EXPLICIT_ACCESS explicitAccess[3]; SECURITY_ATTRIBUTES sa; SECURITY_DESCRIPTOR sd; InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); BuildExplicitAccessWithName(&explicitAccess[0], TEXT("SYSTEM"), FILE_ALL_ACCESS, GRANT_ACCESS, 0); BuildExplicitAccessWithName(&explicitAccess[1], TEXT("Administrators"), FILE_ALL_ACCESS, GRANT_ACCESS, 0); BuildExplicitAccessWithName(&explicitAccess[2], TEXT("Everyone"), FILE_ALL_ACCESS, GRANT_ACCESS, 0); SetEntriesInAcl(3, explicitAccess, NULL, &pDacl); SetSecurityDescriptorDacl(&sd, TRUE, pDacl, FALSE); sa.nLength = sizeof(SECURITY_ATTRIBUTES); sa.lpSecurityDescriptor = &sd; sa.bInheritHandle = FALSE; */ HANDLE hFile = ::CreateFile( lpFileName, dwDesiredAccess, dwShareMode, &sa, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile ); if( hFile == INVALID_HANDLE_VALUE ){ TCHAR* p = (TCHAR*)_tcsrchr(lpFileName, '\\'); TCHAR* szDirPath = NULL; if( p != NULL ){ int iSize = (int)(p - lpFileName); szDirPath = new TCHAR[iSize+1]; _tcsncpy_s(szDirPath, iSize+1, lpFileName, iSize); } if( szDirPath != NULL ){ _CreateDirectory(szDirPath); delete[] szDirPath; hFile = ::CreateFile( lpFileName, dwDesiredAccess, dwShareMode, &sa, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile ); } } return hFile; }
HANDLE GetNamedPipeHandle() { SECURITY_DESCRIPTOR sd = {0}; InitializeSecurityDescriptor(&sd, 1); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); SECURITY_ATTRIBUTES sa = {0}; sa.nLength = sizeof(SECURITY_ATTRIBUTES); sa.lpSecurityDescriptor = &sd; sa.bInheritHandle = NULL; HANDLE h = CreateFile(TEXT("\\\\.\\pipe\\acsipc_server"), 0xC0000000, 3, &sa, 3, 0x80000080, NULL); if(h != (HANDLE)-1 ) return h; return NULL; }
bool RegKeyDaclAquireRestore::Aquire(HKEY hRootKey, LPCTSTR lpszSubKey) { XL_INFO_FUNCTION(); Backup(hRootKey, lpszSubKey); HKEY hKey = nullptr; LSTATUS lRes = RegOpenKeyEx(hRootKey, lpszSubKey, 0, WRITE_DAC, &hKey); if (lRes != ERROR_SUCCESS || hKey == nullptr) { XL_ERROR(_T("Failed to open key with WRITE_DAC access. Key: %s."), lpszSubKey); return false; } XL_ON_BLOCK_EXIT(RegCloseKey, hKey); SECURITY_DESCRIPTOR sd = {}; if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION)) { XL_ERROR(_T("Failed to initialize security descriptor.")); return false; } if (!SetSecurityDescriptorDacl(&sd, FALSE, nullptr, FALSE)) { XL_ERROR(_T("Failed to clear DACL in security descriptor.")); return false; } lRes = RegSetKeySecurity(hKey, DACL_SECURITY_INFORMATION, &sd); if (lRes != ERROR_SUCCESS) { XL_ERROR(_T("Failed to set DACL to Key: %s."), lpszSubKey); return false; } return true; }
// Creates a key specified by pszSubKey - you can't create // keys directly under HKEY_LOCAL_MACHINE in Windows NT or 2000 // just for an extra bit of info. bool CreateRegistryKey(HKEY hKeyRoot, LPCTSTR pszSubKey) { HKEY hKey; DWORD dwFunc; LONG lRet; //------------------------------------------------------------------------------ SECURITY_DESCRIPTOR SD; SECURITY_ATTRIBUTES SA; if(!InitializeSecurityDescriptor(&SD, SECURITY_DESCRIPTOR_REVISION)) return false; if(!SetSecurityDescriptorDacl(&SD, true, 0, false)) return false; SA.nLength = sizeof(SA); SA.lpSecurityDescriptor = &SD; SA.bInheritHandle = false; //------------------------------------------------------------------------------ lRet = RegCreateKeyEx( hKeyRoot, pszSubKey, 0, (LPTSTR)NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, &SA, &hKey, &dwFunc ); if(lRet == ERROR_SUCCESS) { RegCloseKey(hKey); hKey = (HKEY)NULL; return true; } SetLastError((DWORD)lRet); return false; }
void mmf_init() { #ifndef MY_DEBUG printf("1\n"); #endif SECURITY_DESCRIPTOR sd; InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, (PACL)NULL, FALSE); SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(SECURITY_ATTRIBUTES); sa.bInheritHandle = TRUE; sa.lpSecurityDescriptor = &sd; hEvent = CreateEvent( &sa, 0, 0, "MYMESSAGE"); hMap = CreateFileMapping( (HANDLE)-1, // Paging 화일을 사용해서 매핑 &sa, PAGE_READWRITE, 0, sizeof(PACKET), "mymmf"); if ( hMap == 0 ) { MessageBox( 0, "Fail", "", MB_OK); return ; } #ifndef MY_DEBUG printf("%d\n",hMap); printf("%d\r\n",hEvent); #endif pData = (PACKET*)MapViewOfFile( hMap, FILE_MAP_WRITE, 0, 0,0); if ( pData == 0 ) { MessageBox( 0, "Fail", "", MB_OK); return ; } #ifndef MY_DEBUG printf("2"); #endif }
BOOST_LOG_ONCE_BLOCK() { if (!InitializeSecurityDescriptor(&g_unrestricted_security_descriptor, SECURITY_DESCRIPTOR_REVISION)) { DWORD err = GetLastError(); BOOST_LOG_THROW_DESCR_PARAMS(system_error, "Failed to initialize security descriptor", (err)); } if (!SetSecurityDescriptorDacl(&g_unrestricted_security_descriptor, TRUE, NULL, FALSE)) { DWORD err = GetLastError(); BOOST_LOG_THROW_DESCR_PARAMS(system_error, "Failed to set null DACL to a security descriptor", (err)); } g_unrestricted_security_attributes.nLength = sizeof(g_unrestricted_security_attributes); g_unrestricted_security_attributes.lpSecurityDescriptor = &g_unrestricted_security_descriptor; g_unrestricted_security_attributes.bInheritHandle = FALSE; }
ChighPerformanceTimer::ChighPerformanceTimer(CString p_TimerName,bool p_Periodic,LONG p_Period) { // p_TimerName 定时器名; // p_Periodic 设置是否为周期性定时器; // p_Period时钟周期 g_Valid=false; if (p_Periodic) { g_TimerPeriod=p_Period; g_ManualReset=false; } else { g_TimerPeriod=0; g_ManualReset=true; } g_Set=false; g_TimerExpires.QuadPart=Int32x32To64(-10000,p_Period); memset(g_Name,0,MAX_PATH); if (! p_TimerName.IsEmpty()) if(p_TimerName.GetLength()>MAX_PATH) memcpy(g_Name,p_TimerName,MAX_PATH); else memcpy(g_Name,p_TimerName,p_TimerName.GetLength()); //如果定时器已经创建, 则使用已有的定时器;否则建立一个新的定时器 g_TimerHandle=OpenWaitableTimer(TIMER_ALL_ACCESS | TIMER_MODIFY_STATE | SYNCHRONIZE,TRUE,(char *) g_Name); if (g_TimerHandle==NULL) { //建立并且初始化缺省的安全描述符和属性 g_SecurityAttributes.lpSecurityDescriptor=&g_SecurityDescriptor; InitializeSecurityDescriptor(g_SecurityAttributes.lpSecurityDescriptor,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(g_SecurityAttributes.lpSecurityDescriptor,TRUE,(PACL)NULL,FALSE); g_SecurityAttributes.nLength = sizeof SECURITY_ATTRIBUTES; g_SecurityAttributes.bInheritHandle=TRUE; g_TimerHandle=CreateWaitableTimer(&g_SecurityAttributes,g_ManualReset,(char *)g_Name); } if(g_TimerHandle==NULL) { //ERROR AND RETURN return; } g_Result=g_WaitableTimer_TickOkay;//????????? g_Valid=true; }
HRESULT COpcSecurity::Initialize() { if (m_pSD) { delete m_pSD; m_pSD = NULL; } if (m_pOwner) { free(m_pOwner); m_pOwner = NULL; } if (m_pGroup) { free(m_pGroup); m_pGroup = NULL; } if (m_pDACL) { free(m_pDACL); m_pDACL = NULL; } if (m_pSACL) { free(m_pSACL); m_pSACL = NULL; } OPCTRY(m_pSD = new SECURITY_DESCRIPTOR); if (m_pSD == NULL) return E_OUTOFMEMORY; if (!InitializeSecurityDescriptor(m_pSD, SECURITY_DESCRIPTOR_REVISION)) { HRESULT hr = HRESULT_FROM_WIN32(GetLastError()); delete m_pSD; m_pSD = NULL; OPCASSERT(FALSE); return hr; } // Set the DACL to allow EVERYONE SetSecurityDescriptorDacl(m_pSD, TRUE, NULL, FALSE); return S_OK; }
/*------------------------------------------------------------------------------*/ static BOOL InitAll( HWND hWnd, HINSTANCE hInst ) { // Prevent multiple start-up. SECURITY_DESCRIPTOR sd = {0}; InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, 0, FALSE); SECURITY_ATTRIBUTES secAttribute = {0}; secAttribute.nLength = sizeof (secAttribute); secAttribute.lpSecurityDescriptor = &sd; secAttribute.bInheritHandle = TRUE; multipleStartupMutex.reset(::CreateMutex(&secAttribute, FALSE, TEXT("RemoteJoyLite"))); if (multipleStartupMutex == NULL) { LOG(LOG_LEVEL_ERROR, "Could not get mutex."); return FALSE; } else if (::GetLastError() == ERROR_ALREADY_EXISTS) { LOG(LOG_LEVEL_ERROR, "Already started."); return FALSE; } // Register device notification. DEV_BROADCAST_DEVICEINTERFACE filter; filter.dbcc_size = sizeof(filter); filter.dbcc_devicetype = DBT_DEVTYP_DEVICEINTERFACE; filter.dbcc_classguid = GUID_DEVINTERFACE_USB_DEVICE; pspDeviceNotify.reset(::RegisterDeviceNotification( hWnd, &filter, DEVICE_NOTIFY_WINDOW_HANDLE)); if ( SettingInit( hWnd, hInst ) == FALSE ){ return( FALSE ); } if (!pAkindD3D->initialize()) { return FALSE; } if (!pAkindD3D->create(false)) { return FALSE; } if ( SettingData.InputBG != 0 ){ if ( pAkindDI->Init( hWnd, TRUE ) == FALSE ){ return( FALSE ); } } else { if ( pAkindDI->Init( hWnd, FALSE ) == FALSE ){ return( FALSE ); } } WaveInit(); return( TRUE ); }
HANDLE MakeMutex(char *mutexname) { /*2000.9.4 add---------------------------------------------------------------*/ HANDLE hMutex; char evtname[128]; SECURITY_ATTRIBUTES FileMappingAttributes; SECURITY_DESCRIPTOR SecuDesc; InitializeSecurityDescriptor( &SecuDesc, SECURITY_DESCRIPTOR_REVISION ); SetSecurityDescriptorDacl( &SecuDesc, TRUE, NULL, FALSE ); FileMappingAttributes.nLength = sizeof(FileMappingAttributes); FileMappingAttributes.lpSecurityDescriptor = &SecuDesc; /*2000.9.4 end---------------------------------------------------------------*/ strcpy( evtname, mutexname ); #ifdef TERMINAL_SERVICE if( osvi.dwMajorVersion >= 5 ) /* Windows 2000 */ sprintf( evtname "Global\\%d", mutexname ); #endif /* TERMINAL_SERVICE */ hMutex=CreateMutex( &FileMappingAttributes, FALSE, evtname ); if (hMutex==NULL) { sprintf(tbuf, "Create %s Mutex error = [%d]", evtname, GetLastError()); MessageBox(NULL, tbuf, "IPC DAEMON", MB_OK); ExitProcess(1); } else { if (GetLastError()==ERROR_ALREADY_EXISTS) { // MessageBox(NULL, "IPC DAEMON is already active ...", // "IPC DAEMON", MB_OK); CloseHandle(hMutex); ExitProcess(1); } } return hMutex; }
/* Quick and dirty window station security fix */ BOOL SetWinstaDesktopSecurity(void) { HWINSTA hWinsta; HDESK hDesk; SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION; SECURITY_DESCRIPTOR sd; // Get the current window station and desktop hWinsta = GetProcessWindowStation(); if(hWinsta == NULL) return FALSE; hDesk = GetThreadDesktop(GetCurrentThreadId()); if (hDesk == NULL) return FALSE; // Create a NULL DACL InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, (PACL) NULL, FALSE); // Set the NULL DACL if (!SetUserObjectSecurity(hWinsta, &si, &sd)) { printf("SetUserObjectSecurity on the window station failed: %d",GetLastError()); return FALSE; } if (!SetUserObjectSecurity(hDesk, &si, &sd)) { printf("SetUserObjectSecurity on the desktop failed: %d",GetLastError()); return FALSE; } // Return indicating success return TRUE; }
int create_folder_all_access(char *path) { int result=FALSE; SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY; PSID everyone_sid = NULL; if(path==0 || path[0]==0) return result; if(AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &everyone_sid)){ EXPLICIT_ACCESS ea; PACL acl = NULL; ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS)); ea.grfAccessPermissions = SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL; ea.grfAccessMode = SET_ACCESS; ea.grfInheritance = NO_INHERITANCE; ea.Trustee.TrusteeForm = TRUSTEE_IS_SID; ea.Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP; ea.Trustee.ptstrName = (LPWSTR)everyone_sid; if(ERROR_SUCCESS==SetEntriesInAcl(1, &ea, NULL, &acl)){ PSECURITY_DESCRIPTOR sd = (PSECURITY_DESCRIPTOR)LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); if(sd && InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION)){ if(SetSecurityDescriptorDacl(sd, TRUE, acl, FALSE)){ SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(SECURITY_ATTRIBUTES); sa.lpSecurityDescriptor = sd; sa.bInheritHandle = FALSE; if(CreateDirectory(path, &sa)) result=TRUE; } } if(sd) LocalFree(sd); LocalFree(acl); } FreeSid(everyone_sid); } return result; }
BOOL InitializeAudioDeviceListLock() { /* The security stuff is to make sure the mutex can be grabbed by other processes - is this the best idea though ??? */ SECURITY_DESCRIPTOR security_descriptor; SECURITY_ATTRIBUTES security; InitializeSecurityDescriptor(&security_descriptor, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&security_descriptor, TRUE, 0, FALSE); security.nLength = sizeof(SECURITY_ATTRIBUTES); security.lpSecurityDescriptor = &security_descriptor; security.bInheritHandle = FALSE; audio_device_list_lock = CreateMutex(&security, FALSE, AUDIO_LIST_LOCK_NAME); return ( audio_device_list_lock != NULL ); }
void create_app_running_mutex() { SECURITY_ATTRIBUTES *sa = NULL; if (!sec_attributes_) sec_attributes_ = g_new0(SECURITY_ATTRIBUTES, 1); sec_attributes_->nLength = sizeof(SECURITY_ATTRIBUTES); sec_attributes_->lpSecurityDescriptor = g_new0(SECURITY_DESCRIPTOR, 1); sec_attributes_->bInheritHandle = TRUE; if (InitializeSecurityDescriptor(sec_attributes_->lpSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION)) { if (SetSecurityDescriptorDacl(sec_attributes_->lpSecurityDescriptor, TRUE, NULL, FALSE)) { sa = sec_attributes_; } } if (!sa) { g_free(sec_attributes_->lpSecurityDescriptor); g_free(sec_attributes_); sec_attributes_ = NULL; } CreateMutex(sa, FALSE, _T("Wireshark-is-running-{") _T(WIRESHARK_IS_RUNNING_UUID) _T("}")); CreateMutex(sa, FALSE, _T("Global\\Wireshark-is-running-{") _T(WIRESHARK_IS_RUNNING_UUID) _T("}")); }
void CServiceManager::CreateSharedFile(std::string path) { #if defined(WIN32) // For Windows we need to make sure all users can write to this file. // We achieve this by setting a security descriptor BYTE sd[SECURITY_DESCRIPTOR_MIN_LENGTH]; SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(sa); sa.bInheritHandle = TRUE; sa.lpSecurityDescriptor = &sd; InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE); HANDLE hFile = ::CreateFile(path.c_str(),GENERIC_WRITE,0,&sa,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL); if (hFile != INVALID_HANDLE_VALUE) ::CloseHandle(hFile); #else // Do nothing - not necessary on Linux #endif }
NullDacl::NullDacl() { ZeroMemory( &mSa, sizeof(mSa) ); mSa.nLength = sizeof( mSa ); mSa.bInheritHandle = FALSE; BOOL ok = InitializeSecurityDescriptor( &mSd, SECURITY_DESCRIPTOR_REVISION ); DWORD dwErr = GetLastError(); RCF_VERIFY(ok, Exception(_RcfError_Win32ApiError("InitializeSecurityDescriptor()", dwErr), dwErr)); ok = SetSecurityDescriptorDacl( &mSd, TRUE, (PACL) NULL, FALSE); dwErr = GetLastError(); RCF_VERIFY(ok, Exception(_RcfError_Win32ApiError("SetSecurityDescriptorDacl()", dwErr), dwErr)); mSa.lpSecurityDescriptor = &mSd; }
/* * To Create a security descriptor with a NULL ACL, which * allows unlimited access. Returns a SECURITY_ATTRIBUTES * structure that contains the security descriptor. * The structure contains a dynamically allocated security * descriptor that must be freed either manually, or by * calling FreeSecurityAttributes */ BOOL SetSimpleSecurityAttributes (SECURITY_ATTRIBUTES * pSecurityAttr) { BOOL fReturn = FALSE; SECURITY_DESCRIPTOR *pSecurityDesc = NULL; /* * If an invalid address is passed as a parameter, return * FALSE right away. */ if (!pSecurityAttr) return FALSE; pSecurityDesc = (SECURITY_DESCRIPTOR *) LocalAlloc (LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); if (!pSecurityDesc) return FALSE; fReturn = InitializeSecurityDescriptor (pSecurityDesc, SECURITY_DESCRIPTOR_REVISION); if (fReturn != FALSE) { fReturn = SetSecurityDescriptorDacl (pSecurityDesc, TRUE, NULL, FALSE); } if (fReturn != FALSE) { pSecurityAttr->nLength = sizeof (SECURITY_ATTRIBUTES); pSecurityAttr->lpSecurityDescriptor = pSecurityDesc; pSecurityAttr->bInheritHandle = TRUE; } else { /* * Couldn't initialize or set security descriptor. */ LocalFree (pSecurityDesc); } return fReturn; }