blob: a14d90a9224b6ef96a7d0ba7a5c516d826b3d139 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
//*****************************************************************************
// File: SecurityWrapper.h
//
// Wrapper around Win32 Security functions
//
//*****************************************************************************
#ifndef _SECURITY_WRAPPER_H
#define _SECURITY_WRAPPER_H
// This file should not even be included on Rotor.
//-----------------------------------------------------------------------------
// Wrapper around a PSID.
// This class does not own the memory.
//-----------------------------------------------------------------------------
class Sid
{
public:
// Initial the Sid wrapper around an existing SID.
Sid(PSID pSid);
static bool Equals(const Sid & a, const Sid & b) { return Equals(a.m_pSid, b.m_pSid); }
static bool Equals(const Sid & a, PSID b) { return Equals(a.m_pSid, b); }
static bool Equals(PSID a, const Sid & b) { return Equals(a, b.m_pSid); }
static bool Equals(PSID a, PSID b);
PSID RawSid() { return m_pSid; }
protected:
// Pointer to Sid buffer. We don't owner the data.
PSID m_pSid;
};
//-----------------------------------------------------------------------------
// Wrapper around a PSID with buffer.
//-----------------------------------------------------------------------------
class SidBuffer
{
public:
SidBuffer();
~SidBuffer();
// Get the underlying sid
Sid GetSid();
// Do we not have a sid? This will be true if init fails.
bool IsNull() { return m_pBuffer == NULL; }
// Go to definitions to see detailed comments
HRESULT InitFromProcessNoThrow(DWORD pid);
void InitFromProcess(DWORD pid); // throws
HRESULT InitFromProcessUserNoThrow(DWORD pid);
void InitFromProcessUser(DWORD pid); // throws
HRESULT InitFromProcessAppContainerSidNoThrow(DWORD pid);
protected:
BYTE * m_pBuffer;
};
#ifndef FEATURE_PAL
//-----------------------------------------------------------------------------
// Access Control List.
//-----------------------------------------------------------------------------
class Dacl
{
public:
Dacl(PACL pAcl);
SIZE_T GetAceCount();
ACE_HEADER * GetAce(SIZE_T dwAceIndex);
protected:
PACL m_acl;
};
//-----------------------------------------------------------------------------
// Represent a win32 SECURITY_DESCRIPTOR object.
// (Note there's a "SecurityDescriptor" class in the VM for managed goo,
// so we prefix this with "Win32" to avoid a naming collision.)
//-----------------------------------------------------------------------------
class Win32SecurityDescriptor
{
public:
Win32SecurityDescriptor();
~Win32SecurityDescriptor();
HRESULT InitFromHandleNoThrow(HANDLE h);
void InitFromHandle(HANDLE h); // throws
// Gets the owner SID from this SecurityDescriptor.
HRESULT GetOwnerNoThrow( PSID* ppSid );
Sid GetOwner(); // throws
Dacl GetDacl(); // throws
protected:
PSECURITY_DESCRIPTOR m_pDesc;
};
#endif // FEATURE_PAL
//-----------------------------------------------------------------------------
// Check if the handle owner belongs to either the process specified by the pid
// or the current process. This lets us know if the handle is spoofed.
//-----------------------------------------------------------------------------
bool IsHandleSpoofed(HANDLE handle, DWORD pid);
#endif // _SECURITY_WRAPPER_H
|