/// <summary>
/// Constructor
/// </summary>
/// <param name="base_object">Base object for security descriptor</param>
/// <param name="token">Token for determining user rights</param>
/// <param name="is_directory">True if a directory security descriptor</param>
public SecurityDescriptor(NtObject base_object, NtToken token, bool is_directory) : this()
{
if ((base_object == null) && (token == null))
{
throw new ArgumentNullException();
}
SecurityDescriptor parent_sd = null;
if (base_object != null)
{
parent_sd = base_object.SecurityDescriptor;
}
SecurityDescriptor creator_sd = null;
if (token != null)
{
creator_sd = new SecurityDescriptor
{
Owner = new SecurityDescriptorSid(token.Owner, false),
Group = new SecurityDescriptorSid(token.PrimaryGroup, false),
Dacl = token.DefaultDacl
};
}
NtType type = base_object.NtType;
SafeBuffer parent_sd_buffer = SafeHGlobalBuffer.Null;
SafeBuffer creator_sd_buffer = SafeHGlobalBuffer.Null;
SafeSecurityObjectHandle security_obj = null;
try
{
if (parent_sd != null)
{
parent_sd_buffer = parent_sd.ToSafeBuffer();
}
if (creator_sd != null)
{
creator_sd_buffer = creator_sd.ToSafeBuffer();
}
GenericMapping mapping = type.GenericMapping;
NtRtl.RtlNewSecurityObject(parent_sd_buffer, creator_sd_buffer, out security_obj, is_directory,
token != null ? token.Handle : SafeKernelObjectHandle.Null, ref mapping).ToNtException();
ParseSecurityDescriptor(security_obj);
}
finally
{
parent_sd_buffer?.Close();
creator_sd_buffer?.Close();
security_obj?.Close();
}
}
/// <summary>
/// Get a capability group sid by name.
/// </summary>
/// <param name="capability_name">The name of the capability.</param>
/// <returns>The capability SID.</returns>
public static Sid GetCapabilityGroupSid(string capability_name)
{
using (SafeHGlobalBuffer cap_sid = new SafeHGlobalBuffer(Sid.MaximumSidSize),
cap_group_sid = new SafeHGlobalBuffer(Sid.MaximumSidSize))
{
NtRtl.RtlDeriveCapabilitySidsFromName(
new UnicodeString(capability_name),
cap_group_sid, cap_sid).ToNtException();
return(new Sid(cap_group_sid));
}
}
private static void GetCapabilitySids(string capability_name, out Sid capability_sid, out Sid capability_group_sid)
{
using (SafeHGlobalBuffer cap_sid = new SafeHGlobalBuffer(Sid.MaximumSidSize),
cap_group_sid = new SafeHGlobalBuffer(Sid.MaximumSidSize))
{
NtRtl.RtlDeriveCapabilitySidsFromName(
new UnicodeString(capability_name),
cap_group_sid, cap_sid).ToNtException();
capability_sid = new Sid(cap_sid);
capability_group_sid = new Sid(cap_group_sid);
}
}
private void ParseSecurityDescriptor(SafeBuffer buffer)
{
if (!NtRtl.RtlValidSecurityDescriptor(buffer))
{
throw new ArgumentException("Invalid security descriptor");
}
Owner = QuerySid(buffer, NtRtl.RtlGetOwnerSecurityDescriptor);
Group = QuerySid(buffer, NtRtl.RtlGetGroupSecurityDescriptor);
Dacl = QueryAcl(buffer, NtRtl.RtlGetDaclSecurityDescriptor);
Sacl = QueryAcl(buffer, NtRtl.RtlGetSaclSecurityDescriptor);
NtRtl.RtlGetControlSecurityDescriptor(buffer, out SecurityDescriptorControl control, out uint revision).ToNtException();
Control = control;
Revision = revision;
}
private void ParseSecurityDescriptor(SafeBuffer buffer)
{
if (!NtRtl.RtlValidSecurityDescriptor(buffer))
{
throw new NtException(NtStatus.STATUS_INVALID_SECURITY_DESCR);
}
Owner = QuerySid(buffer, NtRtl.RtlGetOwnerSecurityDescriptor);
Group = QuerySid(buffer, NtRtl.RtlGetGroupSecurityDescriptor);
Dacl = QueryAcl(buffer, NtRtl.RtlGetDaclSecurityDescriptor);
Sacl = QueryAcl(buffer, NtRtl.RtlGetSaclSecurityDescriptor);
NtRtl.RtlGetControlSecurityDescriptor(buffer, out SecurityDescriptorControl control, out uint revision).ToNtException();
Control = control;
Revision = revision;
}
/// <summary>
/// Convert a DOS filename to an NT filename and get as an ObjectAttributes structure
/// </summary>
/// <param name="filename">The DOS filename.</param>
/// <param name="attributes">The object attribute flags.</param>
/// <param name="sqos">An optional security quality of service.</param>
/// <param name="security_descriptor">An optional security descriptor.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The object attributes</returns>
public static NtResult <ObjectAttributes> DosFileNameToObjectAttributes(string filename, AttributeFlags attributes,
SecurityQualityOfService sqos, SecurityDescriptor security_descriptor, bool throw_on_error)
{
if (filename == null)
{
throw new ArgumentNullException("filename");
}
UnicodeStringOut nt_name = new UnicodeStringOut();
RtlRelativeName relative_name = new RtlRelativeName();
try
{
NtStatus status = NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name,
out IntPtr short_path, relative_name);
if (!status.IsSuccess())
{
return(status.CreateResultFromError <ObjectAttributes>(throw_on_error));
}
string final_name;
SafeKernelObjectHandle root = SafeKernelObjectHandle.Null;
if (relative_name.RelativeName.Buffer != IntPtr.Zero)
{
final_name = relative_name.RelativeName.ToString();
root = new SafeKernelObjectHandle(relative_name.ContainingDirectory, false);
}
else
{
final_name = nt_name.ToString();
}
return(status.CreateResult(false, () =>
new ObjectAttributes(final_name, attributes, root, sqos, security_descriptor)));
}
finally
{
if (nt_name.Buffer != IntPtr.Zero)
{
NtRtl.RtlFreeUnicodeString(ref nt_name);
}
if (relative_name.RelativeName.Buffer != IntPtr.Zero)
{
NtRtl.RtlReleaseRelativeName(relative_name);
}
}
}
private void ParseAcl(IntPtr acl)
{
var size_info = GetAclInformation <AclSizeInformation>(acl, AclInformationClass.AclSizeInformation);
using (var buffer = new SafeHGlobalBuffer(acl, size_info.AclBytesInUse, false)) {
using (var reader = new BinaryReader(new UnmanagedMemoryStream(buffer, 0, size_info.AclBytesInUse))) {
for (int i = 0; i < size_info.AceCount; ++i)
{
NtRtl.RtlGetAce(acl, i, out IntPtr ace).ToNtException();
reader.BaseStream.Position = ace.ToInt64() - acl.ToInt64();
Add(Ace.CreateAceFromReader(reader));
}
}
}
Revision = GetAclInformation <AclRevisionInformation>(acl, AclInformationClass.AclRevisionInformation).AclRevision;
}
/// <summary>
/// Convert to an SDDL format string.
/// </summary>
/// <returns>The SDDL format string (e.g. S-1-1-0)</returns>
public override string ToString()
{
using (SafeSidBufferHandle sid = ToSafeBuffer())
{
UnicodeStringOut str = new UnicodeStringOut();
NtRtl.RtlConvertSidToUnicodeString(ref str, sid.DangerousGetHandle(), true).ToNtException();
try
{
return(str.ToString());
}
finally
{
NtRtl.RtlFreeUnicodeString(ref str);
}
}
}
/// <summary>
/// Convert the ACL to a byte array
/// </summary>
/// <returns>The ACL as a byte array</returns>
public byte[] ToByteArray()
{
AclRevision revision;
byte[] aces;
using (var ace_stm = new MemoryStream())
{
using (var writer = new BinaryWriter(ace_stm))
{
revision = Revision;
switch (revision)
{
case AclRevision.Revision:
case AclRevision.RevisionCompound:
case AclRevision.RevisionDS:
break;
default:
revision = AclRevision.Revision;
break;
}
foreach (Ace ace in this)
{
ace.Serialize(writer);
if (ace.IsObjectAce)
{
revision = AclRevision.RevisionDS;
}
else if (ace.Type == AceType.AllowedCompound &&
revision < AclRevision.RevisionCompound)
{
revision = AclRevision.RevisionCompound;
}
}
}
aces = ace_stm.ToArray();
}
using (var buffer = new SafeHGlobalBuffer(Marshal.SizeOf(typeof(AclStructure)) + aces.Length))
{
NtRtl.RtlCreateAcl(buffer, buffer.Length, revision).ToNtException();
NtRtl.RtlAddAce(buffer, revision, uint.MaxValue, aces, aces.Length).ToNtException();
return(buffer.ToArray());
}
}
/// <summary>
/// Get the default named pipe ACL for the current caller.
/// </summary>
/// <returns>The default named pipe ACL.</returns>
public static Acl GetDefaultNamedPipeAcl()
{
IntPtr acl = IntPtr.Zero;
try
{
NtRtl.RtlDefaultNpAcl(out acl).ToNtException();
return(new Acl(acl, false));
}
finally
{
if (acl != IntPtr.Zero)
{
NtHeap.Current.Free(HeapAllocFlags.None, acl.ToInt64());
}
}
}
/// <summary>
/// Convert a DOS filename to an absolute NT filename
/// </summary>
/// <param name="filename">The filename, can be relative</param>
/// <returns>The NT filename</returns>
public static string DosFileNameToNt(string filename)
{
UnicodeStringOut nt_name = new UnicodeStringOut();
try
{
IntPtr short_path;
NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name, out short_path, null).ToNtException();
return(nt_name.ToString());
}
finally
{
if (nt_name.Buffer != IntPtr.Zero)
{
NtRtl.RtlFreeUnicodeString(ref nt_name);
}
}
}
private void InitializeFromPointer(IntPtr sid)
{
if (!NtRtl.RtlValidSid(sid))
{
throw new NtException(NtStatus.STATUS_INVALID_SID);
}
IntPtr authority = NtRtl.RtlIdentifierAuthoritySid(sid);
Authority = (SidIdentifierAuthority)Marshal.PtrToStructure(authority, typeof(SidIdentifierAuthority));
int sub_authority_count = Marshal.ReadByte(NtRtl.RtlSubAuthorityCountSid(sid));
SubAuthorities = new List <uint>();
for (int i = 0; i < sub_authority_count; ++i)
{
SubAuthorities.Add((uint)Marshal.ReadInt32(NtRtl.RtlSubAuthoritySid(sid, i), 0));
}
}
private SafeHGlobalBuffer CreateAbsoluteSecurityDescriptor()
{
SafeStructureInOutBuffer <SecurityDescriptorStructure> sd_buffer = null;
try
{
byte[] dacl = Dacl?.ToByteArray();
byte[] sacl = Sacl?.ToByteArray();
byte[] owner = Owner?.Sid.ToArray();
byte[] group = Group?.Sid.ToArray();
int total_size = GetLength(dacl) + GetLength(sacl) + GetLength(owner) + GetLength(group);
sd_buffer = new SafeStructureInOutBuffer <SecurityDescriptorStructure>(total_size, true);
NtRtl.RtlCreateSecurityDescriptor(sd_buffer, Revision).ToNtException();
SecurityDescriptorControl control = Control & SecurityDescriptorControl.ValidControlSetMask;
NtRtl.RtlSetControlSecurityDescriptor(sd_buffer, control, control).ToNtException();
int current_ofs = 0;
if (Dacl != null)
{
IntPtr ptr = UpdateBuffer(sd_buffer, Dacl.NullAcl ? null : dacl, ref current_ofs);
NtRtl.RtlSetDaclSecurityDescriptor(sd_buffer, true, ptr, Dacl.Defaulted).ToNtException();
}
if (Sacl != null)
{
IntPtr ptr = UpdateBuffer(sd_buffer, Sacl.NullAcl ? null : sacl, ref current_ofs);
NtRtl.RtlSetSaclSecurityDescriptor(sd_buffer, true, ptr, Sacl.Defaulted).ToNtException();
}
if (Owner != null)
{
IntPtr ptr = UpdateBuffer(sd_buffer, owner, ref current_ofs);
NtRtl.RtlSetOwnerSecurityDescriptor(sd_buffer, ptr, Owner.Defaulted);
}
if (Group != null)
{
IntPtr ptr = UpdateBuffer(sd_buffer, group, ref current_ofs);
NtRtl.RtlSetGroupSecurityDescriptor(sd_buffer, ptr, Group.Defaulted);
}
return(Interlocked.Exchange(ref sd_buffer, null));
}
finally
{
sd_buffer?.Close();
}
}
private static IntPtr CreateProcessParameters(
string ImagePathName,
string DllPath,
string CurrentDirectory,
string CommandLine,
byte[] Environment,
string WindowTitle,
string DesktopInfo,
string ShellInfo,
string RuntimeData,
uint Flags)
{
IntPtr ret;
NtRtl.RtlCreateProcessParametersEx(out ret, GetString(ImagePathName), GetString(DllPath), GetString(CurrentDirectory),
GetString(CommandLine), Environment, GetString(WindowTitle), GetString(DesktopInfo), GetString(ShellInfo), GetString(RuntimeData), Flags).ToNtException();
return(ret);
}
/// <summary>
/// Convert a DOS filename to an absolute NT filename
/// </summary>
/// <param name="filename">The filename, can be relative</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The NT filename</returns>
public static NtResult <string> DosFileNameToNt(string filename, bool throw_on_error)
{
if (filename == null)
{
throw new ArgumentNullException("filename");
}
UnicodeStringOut nt_name = new UnicodeStringOut();
try {
return(NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name,
out IntPtr short_path, null).CreateResult(throw_on_error, () => nt_name.ToString()));
} finally {
if (nt_name.Buffer != IntPtr.Zero)
{
NtRtl.RtlFreeUnicodeString(ref nt_name);
}
}
}
private NtStatus InitializeFromPointer(IntPtr sid)
{
if (!NtRtl.RtlValidSid(sid))
{
return(NtStatus.STATUS_INVALID_SID);
}
IntPtr authority = NtRtl.RtlIdentifierAuthoritySid(sid);
Authority = authority.ReadStruct <SidIdentifierAuthority>();
int sub_authority_count = Marshal.ReadByte(NtRtl.RtlSubAuthorityCountSid(sid));
List <uint> sub_auth = new List <uint>();
for (int i = 0; i < sub_authority_count; ++i)
{
sub_auth.Add((uint)Marshal.ReadInt32(NtRtl.RtlSubAuthoritySid(sid, i), 0));
}
SubAuthorities = sub_auth.AsReadOnly();
return(NtStatus.STATUS_SUCCESS);
}
/// <summary>
/// Compare two buffers for equality.
/// </summary>
/// <param name="left">The left buffer.</param>
/// <param name="left_offset">The offset into the left buffer.</param>
/// <param name="right">The right buffer.</param>
/// <param name="right_offset">The offset into the right buffer.</param>
/// <param name="length">The length to compare.</param>
/// <returns>True if the buffers are equal.</returns>
public static bool EqualBuffer(this SafeBuffer left, int left_offset, SafeBuffer right, int right_offset, int length)
{
if (length == 0)
{
return(true);
}
long left_length = left.GetLength();
long right_length = right.GetLength();
if (left_length < (left_offset + length) ||
right_length < (right_offset + length))
{
return(false);
}
IntPtr compare_length = new IntPtr(length);
return(NtRtl.RtlCompareMemory(left.DangerousGetHandle() + left_offset, right.DangerousGetHandle() + right_offset, compare_length) == compare_length);
}
/// <summary>
/// Convert a DOS filename to an absolute NT filename
/// </summary>
/// <param name="filename">The filename, can be relative</param>
/// <returns>The NT filename</returns>
public static string DosFileNameToNt(string filename)
{
if (filename == null)
{
throw new ArgumentNullException("filename");
}
UnicodeStringOut nt_name = new UnicodeStringOut();
try
{
NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name, out IntPtr short_path, null).ToNtException();
return nt_name.ToString();
}
finally
{
if (nt_name.Buffer != IntPtr.Zero)
{
NtRtl.RtlFreeUnicodeString(ref nt_name);
}
}
}
/// <summary>
/// Convert the SID to a safe buffer.
/// </summary>
/// <returns>The safe buffer containing the SID.</returns>
public SafeSidBufferHandle ToSafeBuffer()
{
SafeSidBufferHandle sid;
try {
NtRtl.RtlAllocateAndInitializeSidEx(Authority,
(byte)SubAuthorities.Count, SubAuthorities.ToArray(), out sid).ToNtException();
} catch (EntryPointNotFoundException) {
// If not found then we're on a downlevel platform, try and use the old version
// which is limited to 8 subauthorities.
uint[] sub_authories = SubAuthorities.ToArray();
if (sub_authories.Length != 8)
{
Array.Resize(ref sub_authories, 8);
}
NtRtl.RtlAllocateAndInitializeSid(Authority, (byte)SubAuthorities.Count,
sub_authories[0], sub_authories[1], sub_authories[2], sub_authories[3],
sub_authories[4], sub_authories[5], sub_authories[6], sub_authories[7],
out sid).ToNtException();
}
return(sid);
}
private SafeHGlobalBuffer CreateRelativeSecurityDescriptor()
{
using (var sd_buffer = CreateAbsoluteSecurityDescriptor())
{
int total_length = 0;
NtStatus status = NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer, new SafeHGlobalBuffer(IntPtr.Zero, 0, false), ref total_length);
if (status != NtStatus.STATUS_BUFFER_TOO_SMALL)
{
status.ToNtException();
}
var relative_sd = new SafeHGlobalBuffer(total_length);
try
{
NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer, relative_sd, ref total_length).ToNtException();
return(Interlocked.Exchange(ref relative_sd, null));
}
finally
{
relative_sd?.Close();
}
}
}
private NtResult <SafeHGlobalBuffer> CreateRelativeSecurityDescriptor(bool throw_on_error)
{
using (var sd_buffer = CreateAbsoluteSecurityDescriptor(throw_on_error))
{
if (!sd_buffer.IsSuccess)
{
return(sd_buffer);
}
int total_length = 0;
NtStatus status = NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer.Result, SafeHGlobalBuffer.Null, ref total_length);
if (status != NtStatus.STATUS_BUFFER_TOO_SMALL)
{
return(status.CreateResultFromError <SafeHGlobalBuffer>(throw_on_error));
}
using (var relative_sd = new SafeHGlobalBuffer(total_length))
{
return(NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer.Result, relative_sd, ref total_length)
.CreateResult(throw_on_error, () => relative_sd.Detach()));
}
}
}
private NtStatus ParseSecurityDescriptor(SafeBuffer buffer)
{
if (!NtRtl.RtlValidSecurityDescriptor(buffer))
{
return(NtStatus.STATUS_INVALID_SECURITY_DESCR);
}
Owner = QuerySid(buffer, NtRtl.RtlGetOwnerSecurityDescriptor);
Group = QuerySid(buffer, NtRtl.RtlGetGroupSecurityDescriptor);
Dacl = QueryAcl(buffer, NtRtl.RtlGetDaclSecurityDescriptor);
Sacl = QueryAcl(buffer, NtRtl.RtlGetSaclSecurityDescriptor);
NtStatus status = NtRtl.RtlGetControlSecurityDescriptor(buffer,
out SecurityDescriptorControl control, out uint revision);
if (!status.IsSuccess())
{
return(status);
}
Control = control;
Revision = revision;
return(NtStatus.STATUS_SUCCESS);
}
/// <summary>
/// Convert a DOS filename to an NT filename and get as an ObjectAttributes structure
/// </summary>
/// <param name="filename">The filename</param>
/// <returns>The object attributes</returns>
public static ObjectAttributes DosFileNameToObjectAttributes(string filename)
{
if (filename == null)
{
throw new ArgumentNullException("filename");
}
UnicodeStringOut nt_name = new UnicodeStringOut();
RtlRelativeName relative_name = new RtlRelativeName();
try
{
NtRtl.RtlDosPathNameToRelativeNtPathName_U_WithStatus(filename, out nt_name, out IntPtr short_path, relative_name).ToNtException();
if (relative_name.RelativeName.Buffer != IntPtr.Zero)
{
return(new ObjectAttributes(relative_name.RelativeName.ToString(), AttributeFlags.CaseInsensitive,
new SafeKernelObjectHandle(relative_name.ContainingDirectory, false), null, null));
}
else
{
return(new ObjectAttributes(nt_name.ToString(), AttributeFlags.CaseInsensitive));
}
}
finally
{
if (nt_name.Buffer != IntPtr.Zero)
{
NtRtl.RtlFreeUnicodeString(ref nt_name);
}
if (relative_name.RelativeName.Buffer != IntPtr.Zero)
{
NtRtl.RtlReleaseRelativeName(relative_name);
}
}
}
/// <summary>
/// Convert security descriptor to a byte array
/// </summary>
/// <returns>The binary security descriptor</returns>
public byte[] ToByteArray()
{
SafeStructureInOutBuffer <SecurityDescriptorStructure> sd_buffer = null;
SafeHGlobalBuffer dacl_buffer = null;
SafeHGlobalBuffer sacl_buffer = null;
SafeSidBufferHandle owner_buffer = null;
SafeSidBufferHandle group_buffer = null;
try
{
sd_buffer = new SafeStructureInOutBuffer <SecurityDescriptorStructure>();
NtRtl.RtlCreateSecurityDescriptor(sd_buffer, Revision).ToNtException();
SecurityDescriptorControl control = Control & SecurityDescriptorControl.ValidControlSetMask;
NtRtl.RtlSetControlSecurityDescriptor(sd_buffer, control, control).ToNtException();
if (Dacl != null)
{
if (!Dacl.NullAcl)
{
dacl_buffer = new SafeHGlobalBuffer(Dacl.ToByteArray());
}
else
{
dacl_buffer = new SafeHGlobalBuffer(IntPtr.Zero, 0, false);
}
NtRtl.RtlSetDaclSecurityDescriptor(sd_buffer, true, dacl_buffer.DangerousGetHandle(), Dacl.Defaulted).ToNtException();
}
if (Sacl != null)
{
if (!Sacl.NullAcl)
{
sacl_buffer = new SafeHGlobalBuffer(Sacl.ToByteArray());
}
else
{
sacl_buffer = new SafeHGlobalBuffer(IntPtr.Zero, 0, false);
}
NtRtl.RtlSetSaclSecurityDescriptor(sd_buffer, true, sacl_buffer.DangerousGetHandle(), Sacl.Defaulted).ToNtException();
}
if (Owner != null)
{
owner_buffer = Owner.Sid.ToSafeBuffer();
NtRtl.RtlSetOwnerSecurityDescriptor(sd_buffer, owner_buffer.DangerousGetHandle(), Owner.Defaulted);
}
if (Group != null)
{
group_buffer = Group.Sid.ToSafeBuffer();
NtRtl.RtlSetGroupSecurityDescriptor(sd_buffer, group_buffer.DangerousGetHandle(), Group.Defaulted);
}
int total_length = 0;
NtStatus status = NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer, new SafeHGlobalBuffer(IntPtr.Zero, 0, false), ref total_length);
if (status != NtStatus.STATUS_BUFFER_TOO_SMALL)
{
status.ToNtException();
}
using (SafeHGlobalBuffer relative_sd = new SafeHGlobalBuffer(total_length))
{
NtRtl.RtlAbsoluteToSelfRelativeSD(sd_buffer, relative_sd, ref total_length).ToNtException();
return(relative_sd.ToArray());
}
}
finally
{
sd_buffer?.Close();
dacl_buffer?.Close();
sacl_buffer?.Close();
owner_buffer?.Close();
group_buffer?.Close();
}
}
/// <summary>
/// Compares two sids to see if their prefixes are the same. The sids must have the same number of subauthorities.
/// </summary>
/// <param name="sid">The sid to compare against</param>
/// <returns>True if the sids share a prefix.</returns>
public bool EqualPrefix(Sid sid)
{
using (SafeSidBufferHandle sid1 = ToSafeBuffer(), sid2 = sid.ToSafeBuffer()) {
return(NtRtl.RtlEqualPrefixSid(sid1, sid2));
}
}
/// <summary>
/// Enable or disable Wow64 FS redirection.
/// </summary>
/// <param name="enable">True to enable FS redirection.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>The old enable state.</returns>
public static NtResult <bool> Wow64EnableFsRedirection(bool enable, bool throw_on_error)
{
return(NtRtl.RtlWow64EnableFsRedirectionEx(new IntPtr(enable ? 0 : 1), out IntPtr old_state)
.CreateResult(throw_on_error, () => old_state.ToInt32() == 0));
}
protected override bool ReleaseHandle()
{
return(NtRtl.RtlDeleteSecurityObject(ref handle).IsSuccess());
}
/// <summary>
/// Does this SID dominate another for trust.
/// </summary>
/// <param name="sid">The other SID.</param>
/// <param name="throw_on_error">True to throw on error.</param>
/// <returns>True if the sid dominates.</returns>
public NtResult <bool> DominatesForTrust(Sid sid, bool throw_on_error)
{
return(NtRtl.RtlSidDominatesForTrust(ToArray(), sid.ToArray(),
out bool result).CreateResult(throw_on_error, () => result));
}
/// <summary>
/// Zero an entire buffer.
/// </summary>
/// <param name="buffer">The buffer to zero.</param>
public static void ZeroBuffer(SafeBuffer buffer)
{
NtRtl.RtlZeroMemory(buffer.DangerousGetHandle(), new IntPtr(buffer.GetLength()));
}
/// <summary>
/// Fill an entire buffer with a specific byte value.
/// </summary>
/// <param name="buffer">The buffer to full.</param>
/// <param name="fill">The fill value.</param>
public static void FillBuffer(SafeBuffer buffer, byte fill)
{
NtRtl.RtlFillMemory(buffer.DangerousGetHandle(), new IntPtr(buffer.GetLength()), fill);
}
