windows安全对象结构体

MSDN

https://docs.microsoft.com/windows/win32/secauthz/authorization-portal

  1. SID_NAME_USE SID类型

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    typedef enum _SID_NAME_USE {
    SidTypeUser = 1,
    SidTypeGroup,
    SidTypeDomain,
    SidTypeAlias,
    SidTypeWellKnownGroup,
    SidTypeDeletedAccount,
    SidTypeInvalid,
    SidTypeUnknown,
    SidTypeComputer,
    SidTypeLabel
    } SID_NAME_USE, *PSID_NAME_USE;
  2. SECURITY_DESCRIPTOR

    1
    2
    3
    4
    5
    6
    7
    8
    9
    typedef struct _SECURITY_DESCRIPTOR {
    BYTE Revision;
    BYTE Sbz1;
    SECURITY_DESCRIPTOR_CONTROL Control;
    PSID Owner;
    PSID Group;
    PACL Sacl;
    PACL Dacl;
    } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;
  3. ACL

    • DACL is a pointer to a discretionary ACL
    • SACL Sacl - is a pointer to a system ACL
    1
    2
    3
    4
    5
    6
    7
    8
    typedef struct _ACL {
    BYTE AclRevision;
    BYTE Sbz1;
    WORD AclSize;
    WORD AceCount;
    WORD Sbz2;
    } ACL;
    typedef ACL *PACL;
  4. ACL_SIZE_INFORMATION

    1
    2
    3
    4
    5
    6
    typedef struct _ACL_SIZE_INFORMATION {
    DWORD AceCount;
    DWORD AclBytesInUse;
    DWORD AclBytesFree;
    } ACL_SIZE_INFORMATION;
    typedef ACL_SIZE_INFORMATION *PACL_SIZE_INFORMATION;
  5. LookupAccountName

    1
    2
    3
    4
    5
    SID_NAME_USE snuType;
    LPVOID pUserSID = NULL; // 都置为0
    DWORD cbUserSID = 0;
    LPVOID szDomain = NULL;
    DWORD cbUserSID = 0;
  6. AddAce AddAccessAllowedAceEx

    1
    2
    3
    4
    5
    6
    7
    8
    9

    //https://docs.microsoft.com/windows/win32/api/securitybaseapi/nf-securitybaseapi-addaccessallowedaceex
    BOOL AddAccessAllowedAceEx(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD AceFlags,
    DWORD AccessMask,
    PSID pSid
    );
  7. SID

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    #ifndef SID_DEFINED
    #define SID_DEFINED
    typedef struct _SID {
    BYTE Revision;
    BYTE SubAuthorityCount;
    SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
    #ifdef MIDL_PASS
    [size_is(SubAuthorityCount)] DWORD SubAuthority[*];
    #else // MIDL_PASS
    DWORD SubAuthority[ANYSIZE_ARRAY];
    #endif // MIDL_PASS
    } SID, *PISID;
    #endif
  8. EXPLICIT_ACCESS

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    typedef struct _EXPLICIT_ACCESS_W
    {
    DWORD grfAccessPermissions;
    ACCESS_MODE grfAccessMode;
    DWORD grfInheritance;
    TRUSTEE_W Trustee;
    } EXPLICIT_ACCESS_W, *PEXPLICIT_ACCESS_W, EXPLICIT_ACCESSW, *PEXPLICIT_ACCESSW;

    typedef enum _ACCESS_MODE
    {
    NOT_USED_ACCESS = 0,
    GRANT_ACCESS,
    SET_ACCESS,
    DENY_ACCESS,
    REVOKE_ACCESS,
    SET_AUDIT_SUCCESS,
    SET_AUDIT_FAILURE
    } ACCESS_MODE;

    typedef struct _TRUSTEE_W
    {
    struct _TRUSTEE_W *pMultipleTrustee;
    MULTIPLE_TRUSTEE_OPERATION MultipleTrusteeOperation;
    TRUSTEE_FORM TrusteeForm;
    TRUSTEE_TYPE TrusteeType;
    #ifdef __midl
    [switch_is(TrusteeForm)]
    union
    {
    [case(TRUSTEE_IS_NAME)]
    LPWSTR ptstrName;
    [case(TRUSTEE_IS_SID)]
    SID *pSid;
    [case(TRUSTEE_IS_OBJECTS_AND_SID)]
    OBJECTS_AND_SID *pObjectsAndSid;
    [case(TRUSTEE_IS_OBJECTS_AND_NAME)]
    OBJECTS_AND_NAME_W *pObjectsAndName;
    };
    #else
    LPWSTR ptstrName;
    #endif
    } TRUSTEE_W, *PTRUSTEE_W, TRUSTEEW, *PTRUSTEEW;
打赏
  • 版权声明: 本博客所有文章除特别声明外,均采用 Apache License 2.0 许可协议。转载请注明出处!
  • © 2020-2021 一潭清泓
  • Powered by Hexo Theme Ayer
  • PV: UV:

请我喝杯咖啡吧~

支付宝
微信