/**
* Retrieves the security descriptor of an object.
*
* \param SecurityDescriptor A variable which receives a pointer to the security descriptor of the
* object. The security descriptor must be freed using PhFree() when no longer needed.
* \param SecurityInformation The security information to retrieve.
* \param Context A pointer to a PH_STD_OBJECT_SECURITY structure describing the object.
*
* \remarks This function may be used for the \a GetObjectSecurity callback in
* PhCreateSecurityPage() or PhEditSecurity().
*/
_Callback_ NTSTATUS PhStdGetObjectSecurity(
_Out_ PSECURITY_DESCRIPTOR *SecurityDescriptor,
_In_ SECURITY_INFORMATION SecurityInformation,
_In_opt_ PVOID Context
)
{
NTSTATUS status;
PPH_STD_OBJECT_SECURITY stdObjectSecurity;
HANDLE handle;
stdObjectSecurity = (PPH_STD_OBJECT_SECURITY)Context;
status = stdObjectSecurity->OpenObject(
&handle,
PhGetAccessForGetSecurity(SecurityInformation),
stdObjectSecurity->Context
);
if (!NT_SUCCESS(status))
return status;
if (PhEqualStringZ(stdObjectSecurity->ObjectType, L"Service", TRUE))
{
status = PhGetSeObjectSecurity(handle, SE_SERVICE, SecurityInformation, SecurityDescriptor);
CloseServiceHandle(handle);
}
else if (PhEqualStringZ(stdObjectSecurity->ObjectType, L"File", TRUE))
{
status = PhpGetObjectSecurityWithTimeout(handle, SecurityInformation, SecurityDescriptor);
NtClose(handle);
}
else
{
status = PhGetObjectSecurity(handle, SecurityInformation, SecurityDescriptor);
NtClose(handle);
}
return status;
}
_Callback_ NTSTATUS SxStdGetObjectSecurity(
_Out_ PSECURITY_DESCRIPTOR *SecurityDescriptor,
_In_ SECURITY_INFORMATION SecurityInformation,
_In_opt_ PVOID Context
)
{
NTSTATUS status;
PPH_STD_OBJECT_SECURITY stdObjectSecurity;
HANDLE handle;
stdObjectSecurity = (PPH_STD_OBJECT_SECURITY)Context;
if (
PhEqualStringZ(stdObjectSecurity->ObjectType, L"LsaAccount", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"LsaPolicy", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"LsaSecret", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"LsaTrusted", TRUE)
)
{
PSECURITY_DESCRIPTOR securityDescriptor;
status = stdObjectSecurity->OpenObject(
&handle,
PhGetAccessForGetSecurity(SecurityInformation),
stdObjectSecurity->Context
);
if (!NT_SUCCESS(status))
return status;
status = LsaQuerySecurityObject(
handle,
SecurityInformation,
&securityDescriptor
);
if (NT_SUCCESS(status))
{
*SecurityDescriptor = PhAllocateCopy(
securityDescriptor,
RtlLengthSecurityDescriptor(securityDescriptor)
);
LsaFreeMemory(securityDescriptor);
}
LsaClose(handle);
}
else if (
PhEqualStringZ(stdObjectSecurity->ObjectType, L"SamAlias", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"SamDomain", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"SamGroup", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"SamServer", TRUE) ||
PhEqualStringZ(stdObjectSecurity->ObjectType, L"SamUser", TRUE)
)
{
PSECURITY_DESCRIPTOR securityDescriptor;
status = stdObjectSecurity->OpenObject(
&handle,
PhGetAccessForGetSecurity(SecurityInformation),
stdObjectSecurity->Context
);
if (!NT_SUCCESS(status))
return status;
status = SamQuerySecurityObject(
handle,
SecurityInformation,
&securityDescriptor
);
if (NT_SUCCESS(status))
{
*SecurityDescriptor = PhAllocateCopy(
securityDescriptor,
RtlLengthSecurityDescriptor(securityDescriptor)
);
SamFreeMemory(securityDescriptor);
}
SamCloseHandle(handle);
}
else
{
status = PhStdGetObjectSecurity(SecurityDescriptor, SecurityInformation, Context);
}
return status;
}
