windows安全对象结构体

MSDN

https://docs.microsoft.com/windows/win32/secauthz/authorization-portal

1. SID_NAME_USE SID类型

   typedef enum _SID_NAME_USE {
       SidTypeUser = 1,
       SidTypeGroup,
       SidTypeDomain,
       SidTypeAlias,
       SidTypeWellKnownGroup,
       SidTypeDeletedAccount,
       SidTypeInvalid,
       SidTypeUnknown,
       SidTypeComputer,
       SidTypeLabel
   } SID_NAME_USE, *PSID_NAME_USE;

2. SECURITY_DESCRIPTOR

   typedef struct _SECURITY_DESCRIPTOR {
   BYTE  Revision;
   BYTE  Sbz1;
   SECURITY_DESCRIPTOR_CONTROL Control;
   PSID Owner;
   PSID Group;
   PACL Sacl;
   PACL Dacl;
   } SECURITY_DESCRIPTOR, *PISECURITY_DESCRIPTOR;

3. ACL

   • DACL is a pointer to a discretionary ACL
   • SACL Sacl - is a pointer to a system ACL

   typedef struct _ACL {
       BYTE  AclRevision;
       BYTE  Sbz1;
       WORD   AclSize;
       WORD   AceCount;
       WORD   Sbz2;
   } ACL;
   typedef ACL *PACL;

4. ACL_SIZE_INFORMATION

   typedef struct _ACL_SIZE_INFORMATION {
       DWORD AceCount;
       DWORD AclBytesInUse;
       DWORD AclBytesFree;
   } ACL_SIZE_INFORMATION;
   typedef ACL_SIZE_INFORMATION *PACL_SIZE_INFORMATION;

5. LookupAccountName

   SID_NAME_USE snuType;
   LPVOID pUserSID = NULL;   // 都置为0
   DWORD cbUserSID = 0;
   LPVOID szDomain = NULL;
   DWORD cbUserSID = 0;

6. AddAce AddAccessAllowedAceEx

   //https://docs.microsoft.com/windows/win32/api/securitybaseapi/nf-securitybaseapi-addaccessallowedaceex
   BOOL AddAccessAllowedAceEx(
   PACL  pAcl,
   DWORD dwAceRevision,
   DWORD AceFlags,
   DWORD AccessMask,
   PSID  pSid
   );

7. SID

   #ifndef SID_DEFINED
   #define SID_DEFINED
   typedef struct _SID {
   BYTE  Revision;
   BYTE  SubAuthorityCount;
   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
   #ifdef MIDL_PASS
   [size_is(SubAuthorityCount)] DWORD SubAuthority[*];
   #else // MIDL_PASS
   DWORD SubAuthority[ANYSIZE_ARRAY];
   #endif // MIDL_PASS
   } SID, *PISID;
   #endif

8. EXPLICIT_ACCESS

   typedef struct _EXPLICIT_ACCESS_W
   {
       DWORD        grfAccessPermissions;
       ACCESS_MODE  grfAccessMode;
       DWORD        grfInheritance;
       TRUSTEE_W    Trustee;
   } EXPLICIT_ACCESS_W, *PEXPLICIT_ACCESS_W, EXPLICIT_ACCESSW, *PEXPLICIT_ACCESSW;
   
   typedef enum _ACCESS_MODE
   {
       NOT_USED_ACCESS = 0,
       GRANT_ACCESS,
       SET_ACCESS,
       DENY_ACCESS,
       REVOKE_ACCESS,
       SET_AUDIT_SUCCESS,
       SET_AUDIT_FAILURE
   } ACCESS_MODE;
   
   typedef struct _TRUSTEE_W
   {
       struct _TRUSTEE_W          *pMultipleTrustee;
       MULTIPLE_TRUSTEE_OPERATION  MultipleTrusteeOperation;
       TRUSTEE_FORM                TrusteeForm;
       TRUSTEE_TYPE                TrusteeType;
   #ifdef __midl
       [switch_is(TrusteeForm)]
       union
       {
       [case(TRUSTEE_IS_NAME)]
           LPWSTR                  ptstrName;
       [case(TRUSTEE_IS_SID)]
           SID                    *pSid;
       [case(TRUSTEE_IS_OBJECTS_AND_SID)]
           OBJECTS_AND_SID        *pObjectsAndSid;
       [case(TRUSTEE_IS_OBJECTS_AND_NAME)]
           OBJECTS_AND_NAME_W     *pObjectsAndName;
       };
   #else
       LPWSTR                      ptstrName;
   #endif
   } TRUSTEE_W, *PTRUSTEE_W, TRUSTEEW, *PTRUSTEEW;

打赏