/// <summary> /// Add an access denied ACE to the DACL /// </summary> /// <param name="mask">The access mask</param> /// <param name="sid">The SID in SDDL form</param> public void AddAccessDeniedAce(AccessMask mask, string sid) { AddAccessDeniedAceInternal(mask, AceFlags.None, sid); }
/// <summary> /// Add an access allowed ace to the ACL /// </summary> /// <param name="mask">The ACE access mask</param> /// <param name="sid">The ACE SID</param> public void AddAccessAllowedAce(AccessMask mask, string sid) { AddAccessAllowedAce(mask, AceFlags.None, sid); }
/// <summary> /// Add an access denied ace to the ACL /// </summary> /// <param name="mask">The ACE access mask</param> /// <param name="flags">The ACE flags</param> /// <param name="sid">The ACE SID</param> public void AddAccessDeniedAce(AccessMask mask, AceFlags flags, Sid sid) { Add(new Ace(AceType.Denied, flags, mask, sid)); }
/// <summary> /// Duplicate object. /// </summary> /// <param name="access_rights">Access rights to duplicate with.</param> /// <param name="flags">Attribute flags.</param> /// <param name="options">Duplicate options</param> /// <param name="throw_on_error">True to throw an exception on error.</param> /// <returns>The duplicated object.</returns> public abstract NtResult <NtObject> DuplicateObject(AccessMask access_rights, AttributeFlags flags, DuplicateObjectOptions options, bool throw_on_error);
/// <summary> /// Duplicate object with specific access rights. /// </summary> /// <param name="access_rights">Access rights to duplicate with.</param> /// <returns>The duplicated object.</returns> public NtObject DuplicateObject(AccessMask access_rights) { return(DuplicateObject(access_rights, AttributeFlags.None, DuplicateObjectOptions.None, true).Result); }
public static extern NtStatus NtOpenPartition( out SafeKernelObjectHandle PartitionHandle, AccessMask DesiredAccess, [In] ObjectAttributes ObjectAttributes );
/// <summary> /// Open an NT object with a specified type. /// </summary> /// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param> /// <param name="path">The path to the object to open.</param> /// <param name="root">A root directory to open from.</param> /// <param name="access">Generic access rights to the object.</param> /// <param name="attributes">Attributes to open the object.</param> /// <param name="security_quality_of_service">Security quality of service.</param> /// <returns>The opened object.</returns> /// <exception cref="NtException">Thrown if an error occurred opening the object.</exception> public static NtObject OpenWithType(string typename, string path, NtObject root, AttributeFlags attributes, AccessMask access, SecurityQualityOfService security_quality_of_service) { return(OpenWithType(typename, path, root, attributes, access, security_quality_of_service, true).Result); }
/// <summary> /// Convert an enumerable access rights to a string /// </summary> /// <param name="container">True to use the container access type.</param> /// <param name="granted_access">The granted access mask.</param> /// <param name="map_to_generic">True to try and convert to generic rights where possible.</param> /// <returns>The string format of the access rights</returns> public string AccessMaskToString(bool container, AccessMask granted_access, bool map_to_generic) { return(AccessMaskToString(container, granted_access, map_to_generic, false)); }
/// <summary> /// Convert an enumerable access rights to a string /// </summary> /// <param name="granted_access">The granted access mask.</param> /// <param name="map_to_generic">True to try and convert to generic rights where possible.</param> /// <returns>The string format of the access rights</returns> public string AccessMaskToString(AccessMask granted_access, bool map_to_generic) { return(NtSecurity.AccessMaskToString(granted_access, AccessRightsType, GenericMapping, map_to_generic)); }
/// <summary> /// Duplicate object. /// </summary> /// <param name="access_rights">Access rights to duplicate with.</param> /// <param name="flags">Attribute flags.</param> /// <param name="options">Duplicate options</param> /// <param name="throw_on_error">True to throw an exception on error.</param> /// <returns>The duplicated object.</returns> public sealed override NtResult <NtObject> DuplicateObject(AccessMask access_rights, AttributeFlags flags, DuplicateObjectOptions options, bool throw_on_error) { return(Duplicate(access_rights.ToSpecificAccess <A>(), flags, options, throw_on_error).Cast <NtObject>()); }
/// <summary> /// Convert an enumerable access rights to a string /// </summary> /// <param name="container">True to use the container access type.</param> /// <param name="granted_access">The granted access mask.</param> /// <param name="map_to_generic">True to try and convert to generic rights where possible.</param> /// <param name="sdk_names">Set to true to use SDK style names.</param> /// <returns>The string format of the access rights</returns> public string AccessMaskToString(bool container, AccessMask granted_access, bool map_to_generic, bool sdk_names) { return(NtSecurity.AccessMaskToString(granted_access, container ? ContainerAccessRightsType : AccessRightsType, GenericMapping, map_to_generic, sdk_names)); }
/// <summary> /// Open an NT object with a specified type. /// </summary> /// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param> /// <param name="path">The path to the object to open.</param> /// <param name="root">A root directory to open from.</param> /// <param name="access">Generic access rights to the object.</param> /// <returns>The opened object.</returns> /// <exception cref="NtException">Thrown if an error occurred opening the object.</exception> /// <exception cref="ArgumentException">Thrown if type of resource couldn't be found.</exception> public static NtObject OpenWithType(string typename, string path, NtObject root, AccessMask access) { if (typename == null) { typename = NtDirectory.GetDirectoryEntryType(path, root); if (typename == null) { throw new ArgumentException(String.Format("Can't find type for path {0}", path)); } } NtType type = NtType.GetTypeByName(typename, false); if (type != null && type.CanOpen) { return(type.Open(path, root, access)); } else { throw new ArgumentException(String.Format("Can't open type {0}", typename)); } }
/// <summary> /// Convert an enumerable access rights to a string /// </summary> /// <param name="granted_access">The granted access mask.</param> /// <param name="map_to_generic">True to try and convert to generic rights where possible.</param> /// <returns>The string format of the access rights</returns> public string AccessMaskToString(AccessMask granted_access, bool map_to_generic) { return(NtObjectUtils.GrantedAccessAsString(granted_access, GenericMapping, AccessRightsType, map_to_generic)); }
/// <summary> /// Add an access denied ACE to the DACL /// </summary> /// <param name="mask">The access mask</param> /// <param name="flags">The ACE flags</param> /// <param name="sid">The SID</param> public void AddAccessDeniedAce(AccessMask mask, AceFlags flags, Sid sid) { AddAccessDeniedAceInternal(mask, flags, sid); }
internal static NtResult <NtObject> FromName(ObjectAttributes object_attributes, AccessMask desired_access, bool throw_on_error) { return(Open(object_attributes, desired_access.ToSpecificAccess <MemoryPartitionAccessRights>(), throw_on_error).Cast <NtObject>()); }
/// <summary> /// Convert an enumerable access rights to a string /// </summary> /// <param name="granted_access">The granted access mask.</param> /// <returns>The string format of the access rights</returns> public string AccessMaskToString(AccessMask granted_access) { return(AccessMaskToString(granted_access, false)); }
public static extern NtStatus NtCreatePartition( out SafeKernelObjectHandle PartitionHandle, AccessMask DesiredAccess, [In] ObjectAttributes ObjectAttributes, int PreferredNode );
/// <summary> /// Checks if an access mask represents a read permission on this type /// </summary> /// <param name="access_mask">The access mask to check</param> /// <returns>True if it has read permissions</returns> public bool HasReadPermission(AccessMask access_mask) { return(GenericMapping.HasRead(access_mask)); }
/// <summary> /// Duplicate a handle from and to the current process to a new handle with new access rights. /// </summary> /// <param name="src_handle">The source handle to duplicate</param> /// <param name="access_rights">The access for the new handle.</param> /// <returns>The duplicated handle.</returns> internal static SafeKernelObjectHandle DuplicateHandle(SafeKernelObjectHandle src_handle, AccessMask access_rights) { return(DuplicateHandle(src_handle, NtProcess.Current, access_rights, DuplicateObjectOptions.None)); }
/// <summary> /// Checks if an access mask represents a execute permission on this type /// </summary> /// <param name="access_mask">The access mask to check</param> /// <returns>True if it has execute permissions</returns> public bool HasExecutePermission(AccessMask access_mask) { return(GenericMapping.HasExecute(access_mask)); }
/// <summary> /// Open an NT object with a specified type. /// </summary> /// <param name="typename">The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type.</param> /// <param name="path">The path to the object to open.</param> /// <param name="root">A root directory to open from.</param> /// <param name="access">Generic access rights to the object.</param> /// <returns>The opened object.</returns> /// <exception cref="NtException">Thrown if an error occurred opening the object.</exception> /// <exception cref="ArgumentException">Thrown if type of resource couldn't be found.</exception> public static NtObject OpenWithType(string typename, string path, NtObject root, AccessMask access) { return(OpenWithType(typename, path, root, AttributeFlags.CaseInsensitive, access, null, true).Result); }
/// <summary> /// Checks if an access mask represents a full permission on this type /// </summary> /// <param name="access_mask">The access mask to check</param> /// <returns>True if it has full permissions</returns> public bool HasFullPermission(AccessMask access_mask) { return(GenericMapping.HasAll(access_mask)); }
/// <summary> /// Duplicate object. /// </summary> /// <param name="access_rights">Access rights to duplicate with.</param> /// <param name="flags">Attribute flags.</param> /// <param name="options">Duplicate options</param> /// <returns>The duplicated object.</returns> public NtObject DuplicateObject(AccessMask access_rights, AttributeFlags flags, DuplicateObjectOptions options) { return(DuplicateObject(access_rights, flags, options, true).Result); }
/// <summary> /// Unmap specific access rights to generic access rights for this type /// </summary> /// <param name="access_mask">The access mask to unmap</param> /// <returns>The unmapped access mask</returns> public AccessMask UnmapGenericRights(AccessMask access_mask) { return(GenericMapping.UnmapMask(access_mask)); }
/// <summary> /// Check if access is granted to a set of rights /// </summary> /// <param name="access">The access rights to check</param> /// <returns>True if all the access rights are granted</returns> public bool IsAccessMaskGranted(AccessMask access) { return(GrantedAccessMask.IsAllAccessGranted(access)); }
/// <summary> /// Checks if an access mask is valid for access of this object type. /// </summary> /// <param name="access_mask">The access mask to check</param> /// <returns>True if it valid access</returns> public bool IsValidAccess(AccessMask access_mask) { return((GenericMapping.MapMask(access_mask) & ~ValidAccess).IsEmpty); }
/// <summary> /// Add an access denied ace to the ACL /// </summary> /// <param name="mask">The ACE access mask</param> /// <param name="flags">The ACE flags</param> /// <param name="sid">The ACE SID</param> public void AddAccessDeniedAce(AccessMask mask, AceFlags flags, string sid) { Add(new Ace(AceType.Denied, flags, mask, new Sid(sid))); }
/// <summary> /// Get a fake type object. This can be used in access checking for operations which need an NtType object /// but there's no real NT object. /// </summary> /// <param name="name">The name of the fake type. Informational only.</param> /// <param name="generic_read">The GENERIC_READ for security checking.</param> /// <param name="generic_write">The GENERIC_WRITE for security checking.</param> /// <param name="generic_exec">The GENERIC_EXECUTE for security checking.</param> /// <param name="generic_all">The GENERIC_ALL for security checking.</param> /// <param name="access_rights_type">The access rights enumeration type.</param> /// <returns>The fake NT type object.</returns> public static NtType GetFakeType(string name, AccessMask generic_read, AccessMask generic_write, AccessMask generic_exec, AccessMask generic_all, Type access_rights_type) { return(GetFakeType(name, generic_read, generic_write, generic_exec, generic_all, access_rights_type, access_rights_type)); }
/// <summary> /// Add an access denied ace to the ACL /// </summary> /// <param name="mask">The ACE access mask</param> /// <param name="sid">The ACE SID</param> public void AddAccessDeniedAce(AccessMask mask, Sid sid) { AddAccessDeniedAce(mask, AceFlags.None, sid); }
/// <summary> /// Add an access allowed ACE to the DACL /// </summary> /// <param name="mask">The access mask</param> /// <param name="sid">The SID</param> public void AddAccessAllowedAce(AccessMask mask, Sid sid) { AddAccessAllowedAceInternal(mask, AceFlags.None, sid); }