advapi32: Add well-known SID WinBuiltinAnyPackageSid.
This commit is contained in:
parent
8741cba354
commit
3a771b6066
|
@ -133,6 +133,7 @@ static const WELLKNOWNSID WellKnownSids[] =
|
||||||
{ {'M','E'}, WinMediumLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_MEDIUM_RID } } },
|
{ {'M','E'}, WinMediumLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_MEDIUM_RID } } },
|
||||||
{ {'H','I'}, WinHighLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_HIGH_RID } } },
|
{ {'H','I'}, WinHighLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_HIGH_RID } } },
|
||||||
{ {'S','I'}, WinSystemLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_SYSTEM_RID } } },
|
{ {'S','I'}, WinSystemLabelSid, { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY}, { SECURITY_MANDATORY_SYSTEM_RID } } },
|
||||||
|
{ {0,0}, WinBuiltinAnyPackageSid, { SID_REVISION, 2, { SECURITY_APP_PACKAGE_AUTHORITY }, { SECURITY_APP_PACKAGE_BASE_RID, SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE } } },
|
||||||
};
|
};
|
||||||
|
|
||||||
/* these SIDs must be constructed as relative to some domain - only the RID is well-known */
|
/* these SIDs must be constructed as relative to some domain - only the RID is well-known */
|
||||||
|
@ -173,7 +174,9 @@ typedef struct _AccountSid {
|
||||||
static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
|
static const WCHAR Account_Operators[] = { 'A','c','c','o','u','n','t',' ','O','p','e','r','a','t','o','r','s',0 };
|
||||||
static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
|
static const WCHAR Administrator[] = {'A','d','m','i','n','i','s','t','r','a','t','o','r',0 };
|
||||||
static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
|
static const WCHAR Administrators[] = { 'A','d','m','i','n','i','s','t','r','a','t','o','r','s',0 };
|
||||||
|
static const WCHAR ALL_APPLICATION_PACKAGES[] = { 'A','L','L',' ','A','P','P','L','I','C','A','T','I','O','N',' ','P','A','C','K','A','G','E','S',0 };
|
||||||
static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
|
static const WCHAR ANONYMOUS_LOGON[] = { 'A','N','O','N','Y','M','O','U','S',' ','L','O','G','O','N',0 };
|
||||||
|
static const WCHAR APPLICATION_PACKAGE_AUTHORITY[] = { 'A','P','P','L','I','C','A','T','I','O','N',' ','P','A','C','K','A','G','E',' ','A','U','T','H','O','R','I','T','Y',0 };
|
||||||
static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
|
static const WCHAR Authenticated_Users[] = { 'A','u','t','h','e','n','t','i','c','a','t','e','d',' ','U','s','e','r','s',0 };
|
||||||
static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
|
static const WCHAR Backup_Operators[] = { 'B','a','c','k','u','p',' ','O','p','e','r','a','t','o','r','s',0 };
|
||||||
static const WCHAR BATCH[] = { 'B','A','T','C','H',0 };
|
static const WCHAR BATCH[] = { 'B','A','T','C','H',0 };
|
||||||
|
@ -277,6 +280,7 @@ static const AccountSid ACCOUNT_SIDS[] = {
|
||||||
{ WinOtherOrganizationSid, Other_Organization, NT_AUTHORITY, SidTypeWellKnownGroup },
|
{ WinOtherOrganizationSid, Other_Organization, NT_AUTHORITY, SidTypeWellKnownGroup },
|
||||||
{ WinBuiltinPerfMonitoringUsersSid, Performance_Monitor_Users, BUILTIN, SidTypeAlias },
|
{ WinBuiltinPerfMonitoringUsersSid, Performance_Monitor_Users, BUILTIN, SidTypeAlias },
|
||||||
{ WinBuiltinPerfLoggingUsersSid, Performance_Log_Users, BUILTIN, SidTypeAlias },
|
{ WinBuiltinPerfLoggingUsersSid, Performance_Log_Users, BUILTIN, SidTypeAlias },
|
||||||
|
{ WinBuiltinAnyPackageSid, ALL_APPLICATION_PACKAGES, APPLICATION_PACKAGE_AUTHORITY, SidTypeWellKnownGroup },
|
||||||
};
|
};
|
||||||
/*
|
/*
|
||||||
* ACE access rights
|
* ACE access rights
|
||||||
|
@ -2208,7 +2212,7 @@ LookupAccountSidW(
|
||||||
}
|
}
|
||||||
|
|
||||||
/* check the well known SIDs first */
|
/* check the well known SIDs first */
|
||||||
for (i = 0; i <= 60; i++) {
|
for (i = 0; i <= WinAccountProtectedUsersSid; i++) {
|
||||||
if (IsWellKnownSid(sid, i)) {
|
if (IsWellKnownSid(sid, i)) {
|
||||||
for (j = 0; j < (sizeof(ACCOUNT_SIDS) / sizeof(ACCOUNT_SIDS[0])); j++) {
|
for (j = 0; j < (sizeof(ACCOUNT_SIDS) / sizeof(ACCOUNT_SIDS[0])); j++) {
|
||||||
if (ACCOUNT_SIDS[j].type == i) {
|
if (ACCOUNT_SIDS[j].type == i) {
|
||||||
|
|
|
@ -1731,7 +1731,9 @@ static const struct well_known_sid_value
|
||||||
/* 69 */ {TRUE, "S-1-16-16384"}, {TRUE, "S-1-5-33"}, {TRUE, "S-1-3-4"},
|
/* 69 */ {TRUE, "S-1-16-16384"}, {TRUE, "S-1-5-33"}, {TRUE, "S-1-3-4"},
|
||||||
/* 72 */ {FALSE, "S-1-5-21-12-23-34-45-56-571"}, {FALSE, "S-1-5-21-12-23-34-45-56-572"},
|
/* 72 */ {FALSE, "S-1-5-21-12-23-34-45-56-571"}, {FALSE, "S-1-5-21-12-23-34-45-56-572"},
|
||||||
/* 74 */ {TRUE, "S-1-5-22"}, {FALSE, "S-1-5-21-12-23-34-45-56-521"}, {TRUE, "S-1-5-32-573"},
|
/* 74 */ {TRUE, "S-1-5-22"}, {FALSE, "S-1-5-21-12-23-34-45-56-521"}, {TRUE, "S-1-5-32-573"},
|
||||||
/* 77 */ {FALSE, "S-1-5-21-12-23-34-45-56-498"}, {TRUE, "S-1-5-32-574"}, {TRUE, "S-1-16-8448"}
|
/* 77 */ {FALSE, "S-1-5-21-12-23-34-45-56-498"}, {TRUE, "S-1-5-32-574"}, {TRUE, "S-1-16-8448"},
|
||||||
|
/* 80 */ {FALSE, NULL}, {TRUE, "S-1-2-1"}, {TRUE, "S-1-5-65-1"}, {FALSE, NULL},
|
||||||
|
/* 84 */ {TRUE, "S-1-15-2-1"},
|
||||||
};
|
};
|
||||||
|
|
||||||
static void test_CreateWellKnownSid(void)
|
static void test_CreateWellKnownSid(void)
|
||||||
|
@ -1780,15 +1782,12 @@ static void test_CreateWellKnownSid(void)
|
||||||
if (value->sid_string == NULL)
|
if (value->sid_string == NULL)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (i > WinAccountRasAndIasServersSid)
|
/* some SIDs aren't implemented by all Windows versions - detect it */
|
||||||
|
cb = sizeof(sid_buffer);
|
||||||
|
if (!pCreateWellKnownSid(i, NULL, sid_buffer, &cb))
|
||||||
{
|
{
|
||||||
/* These SIDs aren't implemented by all Windows versions - detect it and break the loop */
|
skip("Well known SID %u not implemented\n", i);
|
||||||
cb = sizeof(sid_buffer);
|
continue;
|
||||||
if (!pCreateWellKnownSid(i, domainsid, sid_buffer, &cb))
|
|
||||||
{
|
|
||||||
skip("Well known SIDs starting from %u are not implemented\n", i);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
cb = sizeof(sid_buffer);
|
cb = sizeof(sid_buffer);
|
||||||
|
|
|
@ -4181,6 +4181,18 @@ typedef struct _SID_AND_ATTRIBUTES {
|
||||||
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS __MSABI_LONG(0x00000207)
|
#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS __MSABI_LONG(0x00000207)
|
||||||
#define DOMAIN_GROUP_RID_POLICY_ADMINS __MSABI_LONG(0x00000208)
|
#define DOMAIN_GROUP_RID_POLICY_ADMINS __MSABI_LONG(0x00000208)
|
||||||
|
|
||||||
|
#define SECURITY_APP_PACKAGE_AUTHORITY {0,0,0,0,0,15}
|
||||||
|
#define SECURITY_APP_PACKAGE_BASE_RID __MSABI_LONG(0x000000002)
|
||||||
|
#define SECURITY_BUILTIN_APP_PACKAGE_RID_COUNT __MSABI_LONG(0x000000002)
|
||||||
|
#define SECURITY_APP_PACKAGE_RID_COUNT __MSABI_LONG(0x000000008)
|
||||||
|
#define SECURITY_CAPABILITY_BASE_RID __MSABI_LONG(0x000000003)
|
||||||
|
#define SECURITY_CAPABILITY_APP_RID __MSABI_LONG(0x000000400)
|
||||||
|
#define SECURITY_BUILTIN_CAPABILITY_RID_COUNT __MSABI_LONG(0x000000002)
|
||||||
|
#define SECURITY_CAPABILITY_RID_COUNT __MSABI_LONG(0x000000005)
|
||||||
|
#define SECURITY_PARENT_PACKAGE_RID_COUNT SECURITY_APP_PACKAGE_RID_COUNT
|
||||||
|
#define SECURITY_CHILD_PACKAGE_RID_COUNT __MSABI_LONG(0x00000000c)
|
||||||
|
#define SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE __MSABI_LONG(0x000000001)
|
||||||
|
|
||||||
#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
|
#define SECURITY_MANDATORY_LABEL_AUTHORITY {0,0,0,0,0,16}
|
||||||
#define SECURITY_MANDATORY_UNTRUSTED_RID __MSABI_LONG(0x00000000)
|
#define SECURITY_MANDATORY_UNTRUSTED_RID __MSABI_LONG(0x00000000)
|
||||||
#define SECURITY_MANDATORY_LOW_RID __MSABI_LONG(0x00001000)
|
#define SECURITY_MANDATORY_LOW_RID __MSABI_LONG(0x00001000)
|
||||||
|
|
Loading…
Reference in New Issue