/// <include file='doc\AccessControlEntry.uex' path='docs/doc[@for="AccessControlEntry.AccessControlEntry2"]/*' />
/// <devdoc>
/// <para>[To be supplied.]</para>
/// </devdoc>
public AccessControlEntry(Trustee trustee, GenericAccessRights genericAccessRights, StandardAccessRights standardAccessRights, AccessControlEntryType entryType)
{
this.GenericAccessRights = genericAccessRights;
this.StandardAccessRights = standardAccessRights;
this.Trustee = trustee;
this.EntryType = entryType;
}
/// <summary>
/// Do an access check between a security descriptor and a token to determine the allowed access.
/// </summary>
/// <param name="sd">The security descriptor</param>
/// <param name="token">The access token.</param>
/// <param name="access_rights">The set of access rights to check against</param>
/// <param name="generic_mapping">The type specific generic mapping (get from corresponding NtType entry).</param>
/// <returns>The allowed access mask as a unsigned integer.</returns>
/// <exception cref="NtException">Thrown if an error occurred in the access check.</exception>
public static uint GetAllowedAccess(SecurityDescriptor sd, NtToken token, GenericAccessRights access_rights, GenericMapping generic_mapping)
{
if (sd == null)
{
throw new ArgumentNullException("sd");
}
if (token == null)
{
throw new ArgumentNullException("token");
}
using (var sd_buffer = sd.ToSafeBuffer())
{
using (NtToken imp_token = token.DuplicateToken(SecurityImpersonationLevel.Identification))
{
uint granted_access;
NtStatus result_status;
using (var privs = new SafePrivilegeSetBuffer())
{
int buffer_length = privs.Length;
NtSystemCalls.NtAccessCheck(sd_buffer, imp_token.Handle, (uint)access_rights,
ref generic_mapping, privs, ref buffer_length, out granted_access, out result_status).ToNtException();
if (result_status.IsSuccess())
{
return(granted_access);
}
return(0);
}
}
}
}
/// <include file='doc\AccessControlEntry.uex' path='docs/doc[@for="AccessControlEntry.AccessControlEntry2"]/*' />
/// <devdoc>
/// <para>[To be supplied.]</para>
/// </devdoc>
public AccessControlEntry(Trustee trustee, GenericAccessRights genericAccessRights, StandardAccessRights standardAccessRights, AccessControlEntryType entryType)
{
this.GenericAccessRights = genericAccessRights;
this.StandardAccessRights = standardAccessRights;
this.Trustee = trustee;
this.EntryType = entryType;
}
private void btnOpen_Click(object sender, EventArgs e)
{
if (String.IsNullOrWhiteSpace(txtObjectName.Text))
{
MessageBox.Show(this, "Please select a named section", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else
{
string name = txtObjectName.Text;
try
{
GenericAccessRights access = GenericAccessRights.GenericRead;
if (!checkReadOnly.Checked)
{
access |= GenericAccessRights.GenericWrite;
}
ObjectHandle = NtObject.OpenWithType(_typename, name, null, access);
ObjectName = name;
ReadOnly = checkReadOnly.Checked;
DialogResult = DialogResult.OK;
Close();
}
catch (NtException ex)
{
MessageBox.Show(this, ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
public AccessControlEntry(Trustee trustee,
GenericAccessRights genericAccessRights,
StandardAccessRights standardAccessRights,
AccessControlEntryType entryType)
{
throw new NotImplementedException();
}
static RegistryKey OpenKey(RegistryKey base_key, string path, bool writable = false, bool throw_on_error = true)
{
IntPtr root_key = base_key != null?base_key.Handle.DangerousGetHandle() : IntPtr.Zero;
using (ObjectAttributes KeyName = new ObjectAttributes(path, AttributeFlags.CaseInsensitive | AttributeFlags.OpenLink, root_key))
{
SafeRegistryHandle keyHandle;
GenericAccessRights desired_access = GenericAccessRights.GenericRead;
if (writable)
{
desired_access |= GenericAccessRights.GenericWrite;
}
int status = NtOpenKeyEx(out keyHandle, desired_access, KeyName, 0);
if (throw_on_error)
{
StatusToNtException(status);
}
if (status == 0)
{
return(RegistryKey.FromHandle(keyHandle));
}
return(null);
}
}
public AccessControlEntry(Trustee trustee,
GenericAccessRights genericAccessRights,
StandardAccessRights standardAccessRights,
AccessControlEntryType entryType)
{
throw new NotImplementedException();
}
static extern int NtCreateKey(
out IntPtr KeyHandle,
GenericAccessRights DesiredAccess,
[In] ObjectAttributes ObjectAttributes,
int TitleIndex,
[In] UnicodeString Class,
KeyCreateOptions CreateOptions,
out int Disposition);
public static extern int NtDuplicateToken(
IntPtr ExistingTokenHandle,
GenericAccessRights DesiredAccess,
ObjectAttributes ObjectAttributes,
bool EffectiveOnly,
TokenType TokenType,
out IntPtr NewTokenHandle
);
private static extern IntPtr CreateFileW(
string lpFileName,
GenericAccessRights dwDesiredAccess,
FileShare dwShareMode,
IntPtr lpSecurityAttributes,
CreationDisposition dwCreationDisposition,
FileFlagAttribute dwFlagsAndAttributes,
IntPtr hTemplateFile
);
public static extern NtStatus NtDuplicateObject(
SafeHandle SourceProcessHandle,
SafeHandle SourceHandle,
SafeHandle TargetProcessHandle,
out SafeKernelObjectHandle TargetHandle,
GenericAccessRights DesiredAccess,
AttributeFlags HandleAttributes,
DuplicateObjectOptions Options
);
public int return_data_size; // 20
public CmApiOpenKeyData(int device_type, int callback_id, string name, GenericAccessRights desired_access, bool create, int hardware_id, int return_data_size)
{
this.cbSize = Marshal.SizeOf(this);
this.device_type = device_type;
this.callback_id = callback_id;
this.name = name;
this.name_size = (name.Length + 1) * 2;
this.desired_access = desired_access;
this.create = create ? 1 : 0;
this.hardware_id = hardware_id;
this.return_data_size = return_data_size;
}
private static FileStream CreateFileStream(string name, GenericAccessRights desiredAccess, FileShare shareMode,
FileAccess dotNetFileAccess)
{
SafeFileHandle file =
new SafeFileHandle(
CreateFileW(name, desiredAccess, shareMode, IntPtr.Zero, CreationDisposition.OpenExisting,
FileFlagAttribute.AttributeNormal, IntPtr.Zero), true);
if (file.IsInvalid)
{
return(null);
}
FileStream fs = new FileStream(file, dotNetFileAccess);
return(fs);
}
private static SafeFileHandle OpenReparsePoint(string path, bool writeAccess)
{
using (Process currentProcess = Process.GetCurrentProcess())
{
IntPtr tokenHandle = IntPtr.Zero;
try
{
tokenHandle = AdvApi32.OpenProcessToken(currentProcess.Handle, TokenAccessLevels.AdjustPrivileges | TokenAccessLevels.Query);
Luid luid = AdvApi32.LookupPrivilegeValue(writeAccess ? PrivilegeName.Restore : PrivilegeName.Backup);
var privileges = new TokenPrivileges
{
PrivilegeCount = 1,
Privileges = new []
{
new Privilege()
{
Luid = luid,
Attributes = Privilege.EnabledAttribute,
}
}
};
AdvApi32.AdjustTokenPrivileges(tokenHandle, privileges);
}
finally
{
if (tokenHandle != IntPtr.Zero)
{
Kernel32.CloseHandle(tokenHandle);
}
}
}
GenericAccessRights access = GenericAccessRights.Read;
if (writeAccess)
{
access |= GenericAccessRights.Write;
}
SafeFileHandle handle = Kernel32.CreateFile(path, access, FileShare.None,
FileMode.Open, FileAttributes.Normal, FileFlags.OpenReparsePoint | FileFlags.BackupSemantics);
return(handle);
}
/// <summary>
/// Add an access allowed ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="sid">The SID in SDDL form</param>
public void AddAccessAllowedAce(GenericAccessRights mask, string sid)
{
AddAccessAllowedAceInternal((uint)mask, AceFlags.None, sid);
}
public AccessControlEntry(Trustee trustee, GenericAccessRights genericAccessRights, StandardAccessRights standardAccessRights, AccessControlEntryType entryType) {}
/// <summary>
/// Add an access allowed ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="flags">The ACE flags</param>
/// <param name="sid">The SID in SDDL form</param>
public void AddAccessAllowedAce(GenericAccessRights mask, AceFlags flags, string sid)
{
AddAccessAllowedAce((uint)mask, flags, sid);
}
/// <summary>
/// Duplicate the internal handle to a new handle.
/// </summary>
/// <param name="access_rights">The access rights for the new handle</param>
/// <returns>The new duplicated handle.</returns>
public SafeKernelObjectHandle DuplicateHandle(GenericAccessRights access_rights)
{
return(DuplicateHandle((uint)access_rights));
}
/// <summary>
/// Duplicate the internal handle to a new handle.
/// </summary>
/// <param name="source_process">The source process for the handle</param>
/// <param name="dest_process">The desination process for the handle</param>
/// <param name="handle">The handle in the source process to duplicate</param>
/// <param name="access_rights">The access rights for the new handle</param>
/// <returns>The new duplicated handle.</returns>
public static SafeKernelObjectHandle DuplicateHandle(NtProcess source_process, SafeHandle handle, NtProcess dest_process, GenericAccessRights access_rights)
{
return(DuplicateHandle(source_process, handle, dest_process, access_rights, DuplicateObjectOptions.None));
}
public static extern int NtOpenProcessTokenEx(
IntPtr ProcessHandle,
GenericAccessRights DesiredAccess,
AttributeFlags HandleAttributes,
out IntPtr TokenHandle);
private void UpdateTokenData()
{
UserGroup user = _token.GetUser();
txtUsername.Text = user.GetName();
txtUserSid.Text = user.Sid.ToString();
TokenType tokentype = _token.GetTokenType();
txtTokenType.Text = _token.GetTokenType().ToString();
TokenLibrary.TokenImpersonationLevel implevel = _token.GetImpersonationLevel();
txtImpLevel.Text = implevel.ToString();
txtTokenId.Text = FormatLuid(_token.GetTokenId());
txtModifiedId.Text = FormatLuid(_token.GetModifiedId());
txtAuthId.Text = FormatLuid(_token.GetAuthenticationId());
if (Enum.IsDefined(typeof(TokenLibrary.TokenIntegrityLevel), _token.GetTokenIntegrityLevel()))
{
comboBoxIL.SelectedItem = _token.GetTokenIntegrityLevel();
comboBoxILForDup.SelectedItem = _token.GetTokenIntegrityLevel();
}
else
{
comboBoxIL.Text = _token.GetTokenIntegrityLevel().ToString();
comboBoxILForDup.Text = _token.GetTokenIntegrityLevel().ToString();
}
txtSessionId.Text = _token.GetSessionId().ToString();
txtSourceName.Text = _token.GetSourceName();
txtSourceId.Text = FormatLuid(_token.GetSourceId());
TokenElevationType evtype = _token.GetElevationType();
txtElevationType.Text = evtype.ToString();
txtIsElevated.Text = _token.IsElevated().ToString();
txtOriginLoginId.Text = FormatLuid(_token.GetTokenOriginId());
btnLinkedToken.Enabled = evtype != TokenElevationType.Default;
UpdateGroupList();
txtPrimaryGroup.Text = _token.GetPrimaryGroup().GetName();
txtOwner.Text = _token.GetDefaultOwner().GetName();
RawAcl defdacl = _token.GetDefaultDacl();
if (defdacl != null)
{
foreach (GenericAce ace in defdacl)
{
KnownAce kace = ace as KnownAce;
if (kace != null)
{
UserGroup group = new UserGroup(kace.SecurityIdentifier, GroupFlags.None);
ListViewItem item = new ListViewItem(group.GetName());
uint mask = (uint)(GenericAccessRights.GenericAll | GenericAccessRights.GenericExecute | GenericAccessRights.GenericRead | GenericAccessRights.GenericWrite);
string maskstr;
if (((uint)kace.AccessMask & ~mask) != 0)
{
maskstr = String.Format("0x{0:X08}", kace.AccessMask);
}
else
{
GenericAccessRights generic = (GenericAccessRights)kace.AccessMask;
maskstr = generic.ToString();
}
item.SubItems.Add(maskstr);
item.SubItems.Add(kace.AceFlags.ToString());
item.SubItems.Add(kace.AceType.ToString());
listViewDefDacl.Items.Add(item);
}
}
}
else
{
listViewDefDacl.Items.Add("No Default DACL");
}
listViewDefDacl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent);
listViewDefDacl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
if (_token.IsRestricted())
{
PopulateGroupList(listViewRestrictedSids, _token.GetRestrictedSids());
}
else
{
tabControlMain.TabPages.Remove(tabPageRestricted);
}
if (_token.IsAppContainer())
{
PopulateGroupList(listViewCapabilities, _token.GetCapabilities());
txtACNumber.Text = _token.GetAppContainerNumber().ToString();
txtPackageSid.Text = _token.GetPackageSid().GetName();
}
else
{
tabControlMain.TabPages.Remove(tabPageAppContainer);
}
txtUIAccess.Text = _token.IsUIAccess().ToString();
txtSandboxInert.Text = _token.IsSandboxInert().ToString();
bool virtAllowed = _token.IsVirtualizationAllowed();
txtVirtualizationAllowed.Text = virtAllowed.ToString();
if (virtAllowed)
{
txtVirtualizationEnabled.Text = _token.IsVirtualizationEnabled().ToString();
}
else
{
txtVirtualizationEnabled.Text = "N/A";
}
txtMandatoryILPolicy.Text = _token.GetIntegrityLevelPolicy().ToString();
UpdatePrivileges();
}
/// <summary>
/// Add an access denied ace to the ACL
/// </summary>
/// <param name="mask">The ACE access mask</param>
/// <param name="sid">The ACE SID</param>
public void AddAccessDeniedAce(GenericAccessRights mask, Sid sid)
{
AddAccessDeniedAce(mask, AceFlags.None, sid);
}
public static extern int NtLoadKeyEx(ObjectAttributes DestinationName, ObjectAttributes FileName, LoadKeyFlags Flags,
IntPtr TrustKeyHandle, IntPtr EventHandle, GenericAccessRights DesiredAccess, out SafeRegistryHandle KeyHandle, int Unused);
/// <summary>
/// Add an access denied ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="sid">The SID</param>
public void AddAccessDeniedAce(GenericAccessRights mask, Sid sid)
{
AddAccessDeniedAceInternal((uint)mask, AceFlags.None, sid);
}
private void UpdateTokenData()
{
UserGroup user = _token.User;
txtUsername.Text = user.ToString();
txtUserSid.Text = user.Sid.ToString();
TokenType tokentype = _token.TokenType;
txtTokenType.Text = _token.TokenType.ToString();
if (_token.TokenType == TokenType.Impersonation)
{
SecurityImpersonationLevel implevel = _token.ImpersonationLevel;
txtImpLevel.Text = implevel.ToString();
}
else
{
txtImpLevel.Text = "N/A";
}
txtTokenId.Text = FormatLuid(_token.Id);
txtModifiedId.Text = FormatLuid(_token.ModifiedId);
txtAuthId.Text = FormatLuid(_token.AuthenticationId);
if (Enum.IsDefined(typeof(TokenIntegrityLevel), _token.IntegrityLevel))
{
comboBoxIL.SelectedItem = _token.IntegrityLevel;
comboBoxILForDup.SelectedItem = _token.IntegrityLevel;
}
else
{
comboBoxIL.Text = _token.IntegrityLevel.ToString();
comboBoxILForDup.Text = _token.IntegrityLevel.ToString();
}
txtSessionId.Text = _token.SessionId.ToString();
txtSourceName.Text = _token.Source.SourceName;
txtSourceId.Text = FormatLuid(_token.Source.SourceIdentifier);
TokenElevationType evtype = _token.ElevationType;
txtElevationType.Text = evtype.ToString();
txtIsElevated.Text = _token.Elevated.ToString();
txtOriginLoginId.Text = FormatLuid(_token.Origin);
btnLinkedToken.Enabled = evtype != TokenElevationType.Default;
UpdateGroupList();
txtPrimaryGroup.Text = _token.PrimaryGroup.Name;
txtOwner.Text = _token.Owner.Name;
Acl defdacl = _token.DefaultDacl;
if (!defdacl.NullAcl)
{
foreach (Ace ace in defdacl)
{
UserGroup group = new UserGroup(ace.Sid, GroupAttributes.None);
ListViewItem item = new ListViewItem(group.ToString());
uint mask = (uint)(GenericAccessRights.GenericAll | GenericAccessRights.GenericExecute | GenericAccessRights.GenericRead | GenericAccessRights.GenericWrite);
string maskstr;
if (((uint)ace.Mask & ~mask) != 0)
{
maskstr = String.Format("0x{0:X08}", ace.Mask);
}
else
{
GenericAccessRights generic = (GenericAccessRights)ace.Mask;
maskstr = generic.ToString();
}
item.SubItems.Add(maskstr);
item.SubItems.Add(ace.AceFlags.ToString());
item.SubItems.Add(ace.AceType.ToString());
listViewDefDacl.Items.Add(item);
}
}
else
{
listViewDefDacl.Items.Add("No Default DACL");
}
listViewDefDacl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent);
listViewDefDacl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
if (_token.Restricted)
{
PopulateGroupList(listViewRestrictedSids, _token.RestrictedSids);
}
else
{
tabControlMain.TabPages.Remove(tabPageRestricted);
}
if (_token.AppContainer)
{
PopulateGroupList(listViewCapabilities, _token.Capabilities);
txtACNumber.Text = _token.AppContainerNumber.ToString();
txtPackageSid.Text = _token.AppContainerSid.Name;
}
else
{
tabControlMain.TabPages.Remove(tabPageAppContainer);
}
txtUIAccess.Text = _token.UiAccess.ToString();
txtSandboxInert.Text = _token.SandboxInert.ToString();
bool virtAllowed = _token.VirtualizationAllowed;
txtVirtualizationAllowed.Text = virtAllowed.ToString();
btnToggleVirtualizationEnabled.Enabled = virtAllowed;
if (virtAllowed)
{
txtVirtualizationEnabled.Text = _token.VirtualizationEnabled.ToString();
}
else
{
txtVirtualizationEnabled.Text = "N/A";
}
txtMandatoryILPolicy.Text = _token.MandatoryPolicy.ToString();
txtHandleAccess.Text = _token.GrantedAccess.ToString();
UpdatePrivileges();
UpdateSecurityAttributes();
}
/// <summary>
/// Add an access denied ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="flags">The ACE flags</param>
/// <param name="sid">The SID in SDDL form</param>
public void AddAccessDeniedAce(GenericAccessRights mask, AceFlags flags, string sid)
{
AddAccessDeniedAceInternal((uint)mask, flags, sid);
}
/// <summary>
/// Add an access allowed ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="flags">The ACE flags</param>
/// <param name="sid">The SID</param>
public void AddAccessAllowedAce(GenericAccessRights mask, AceFlags flags, Sid sid)
{
AddAccessAllowedAceInternal((uint)mask, flags, sid);
}
/// <summary>
/// Add an access allowed ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="sid">The SID in SDDL form</param>
public void AddAccessAllowedAce(GenericAccessRights mask, string sid)
{
AddAccessAllowedAceInternal((uint)mask, AceFlags.None, sid);
}
public static extern int NtDuplicateToken(
IntPtr ExistingTokenHandle,
GenericAccessRights DesiredAccess,
ObjectAttributes ObjectAttributes,
bool EffectiveOnly,
TokenType TokenType,
out IntPtr NewTokenHandle
);
public static extern int NtOpenProcessTokenEx(
IntPtr ProcessHandle,
GenericAccessRights DesiredAccess,
AttributeFlags HandleAttributes,
out IntPtr TokenHandle);
public static extern int NtLoadKeyEx(ObjectAttributes DestinationName, ObjectAttributes FileName, LoadKeyFlags Flags,
IntPtr TrustKeyHandle, IntPtr EventHandle, GenericAccessRights DesiredAccess, out SafeRegistryHandle KeyHandle, int Unused);
/// <summary>
/// Add an access denied ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="sid">The SID</param>
public void AddAccessDeniedAce(GenericAccessRights mask, Sid sid)
{
AddAccessDeniedAceInternal((uint)mask, AceFlags.None, sid);
}
private A UIntToAccess(GenericAccessRights access)
{
return((A)Enum.ToObject(typeof(A), (uint)access));
}
/// <summary>
/// Add an access denied ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="flags">The ACE flags</param>
/// <param name="sid">The SID in SDDL form</param>
public void AddAccessDeniedAce(GenericAccessRights mask, AceFlags flags, string sid)
{
AddAccessDeniedAceInternal((uint)mask, flags, sid);
}
/// <summary>
/// Add an access allowed ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="flags">The ACE flags</param>
/// <param name="sid">The SID in SDDL form</param>
public void AddAccessAllowedAce(GenericAccessRights mask, AceFlags flags, string sid)
{
AddAccessAllowedAce((uint)mask, flags, sid);
}
/// <summary>
/// Add an access allowed ACE to the DACL
/// </summary>
/// <param name="mask">The access mask</param>
/// <param name="flags">The ACE flags</param>
/// <param name="sid">The SID</param>
public void AddAccessAllowedAce(GenericAccessRights mask, AceFlags flags, Sid sid)
{
AddAccessAllowedAceInternal((uint)mask, flags, sid);
}
/// <summary>
/// Duplicate the internal handle to a new handle.
/// </summary>
/// <param name="source_process">The source process for the handle</param>
/// <param name="dest_process">The desination process for the handle</param>
/// <param name="handle">The handle in the source process to duplicate</param>
/// <param name="options">Duplicate handle options</param>
/// <param name="access_rights">The access rights for the new handle</param>
/// <returns>The new duplicated handle.</returns>
public static SafeKernelObjectHandle DuplicateHandle(NtProcess source_process, SafeHandle handle, NtProcess dest_process, GenericAccessRights access_rights, DuplicateObjectOptions options)
{
SafeKernelObjectHandle new_handle;
NtSystemCalls.NtDuplicateObject(source_process.Handle, handle,
dest_process.Handle, out new_handle,
GenericAccessRights.None, AttributeFlags.None,
DuplicateObjectOptions.SameAccess).ToNtException();
return(new_handle);
}
public NtObject Open(GenericAccessRights access)
{
return(NtObject.OpenWithType(TypeName, Name, _root, access));
}
/// <summary>
/// Open an NT object with a specified type.
/// </summary>
/// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param>
/// <param name="path">The path to the object to open.</param>
/// <param name="root">A root directory to open from.</param>
/// <param name="access">Generic access rights to the object.</param>
/// <returns>The opened object.</returns>
/// <exception cref="NtException">Thrown if an error occurred opening the object.</exception>
/// <exception cref="ArgumentException">Thrown if type of resource couldn't be found.</exception>
public static NtObject OpenWithType(string typename, string path, NtObject root, GenericAccessRights access)
{
if (typename == null)
{
typename = NtDirectory.GetDirectoryEntryType(path, root);
if (typename == null)
{
throw new ArgumentException(String.Format("Can't find type for path {0}", path));
}
}
switch (typename.ToLower())
{
case "device":
return(NtFile.Open(path, root, (FileAccessRights)access, FileShareMode.None, FileOpenOptions.None));
case "file":
return(NtFile.Open(path, root, (FileAccessRights)access, FileShareMode.Read | FileShareMode.Write | FileShareMode.Delete, FileOpenOptions.None));
case "event":
return(NtEvent.Open(path, root, (EventAccessRights)access));
case "directory":
return(NtDirectory.Open(path, root, (DirectoryAccessRights)access));
case "symboliclink":
return(NtSymbolicLink.Open(path, root, (SymbolicLinkAccessRights)access));
case "mutant":
return(NtMutant.Open(path, root, (MutantAccessRights)access));
case "semaphore":
return(NtSemaphore.Open(path, root, (SemaphoreAccessRights)access));
case "section":
return(NtSection.Open(path, root, (SectionAccessRights)access));
case "job":
return(NtJob.Open(path, root, (JobAccessRights)access));
case "key":
return(NtKey.Open(path, root, (KeyAccessRights)access));
default:
throw new ArgumentException(String.Format("Can't open type {0}", typename));
}
}
/// <summary>
/// Creates or opens a file or I/O device. The most commonly used I/O devices are as follows: file, file stream, directory, physical disk, volume, console buffer, tape drive, communications resource, mailslot, and pipe.
/// The function returns a handle that can be used to access the file or device for various types of I/O depending on the file or device and the flags and attributes specified.
/// </summary>
/// <param name="path">
/// The name of the file or device to be created or opened. You may use either forward slashes (/) or backslashes (\) in this name.
/// </param>
/// <param name="access">
/// The requested access to the file or device, which can be summarized as read, write, both or neither.
/// </param>
/// <param name="share">
/// The requested sharing mode of the file or device, which can be read, write, both, delete, all of these, or none.
/// Access requests to attributes or extended attributes are not affected by this flag.
/// </param>
/// <param name="mode">
/// An action to take on a file or device that exists or does not exist.
/// For devices other than files, this parameter is usually set to FileMode.Open.
/// </param>
/// <param name="attributes">
/// The file or device attributes.
/// </param>
/// <param name="flags">
/// The file or device flags.
/// </param>
/// <returns>If the function succeeds, the return value is an open handle to the specified file, device, named pipe, or mail slot.</returns>
public static SafeFileHandle CreateFile(string path, GenericAccessRights access, FileShare share, FileMode mode, FileAttributes attributes, FileFlags flags)
{
return(CreateFileInternal(path, (uint)access, share, mode, (uint)attributes | (uint)flags));
}
static extern int NtOpenKeyEx(
out SafeRegistryHandle KeyHandle,
GenericAccessRights DesiredAccess,
[In] ObjectAttributes ObjectAttributes,
int OpenOptions
);
public static extern SafeFileHandle CreateFile(string lpFileName, GenericAccessRights dwDesiredAccess, ShareMode dwShareMode, IntPtr lpSecurityAttributes, CreationDisposition dwCreationDisposition, FlagsAndAttributes dwFlagsAndAttributes, IntPtr hTemplateFile);
