internal unsafe static void UnsafeSetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
fixed(byte *pSidOwner = (sidOwner != null ? sidOwner.GetNativeSID() : null))
{
fixed(byte *pSidGroup = (sidGroup != null ? sidGroup.GetNativeSID() : null))
{
fixed(byte *pDacl = (dacl != null ? dacl.GetNativeACL() : null))
{
fixed(byte *pSacl = (sacl != null ? sacl.GetNativeACL() : null))
{
DWORD rc = Win32.SetNamedSecurityInfo(objectName, objectType, securityInfo,
(IntPtr)pSidOwner, (IntPtr)pSidGroup, (IntPtr)pDacl, (IntPtr)pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
}
}
}
}
public void SetDacl(Dacl dacl, bool defaulted)
{
if (dacl == null)
{
throw new ArgumentException("Can't set null DACL on a security descriptor", "dacl");
}
UnsafeSetDacl(this, dacl, defaulted);
}
public static void SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetSecurityInfo(handle, ObjectType, SecurityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public static void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetNamedSecurityInfo(objectName, objectType, securityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo)
{
Sid ownerSid = (((securityInfo & SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION) == 0) ? null : this.Owner);
Sid groupSid = (((securityInfo & SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION) == 0) ? null : this.Group);
Dacl dacl = (((securityInfo & SECURITY_INFORMATION.DACL_SECURITY_INFORMATION) == 0) ? null : this.Dacl);
Sacl sacl = (((securityInfo & SECURITY_INFORMATION.SACL_SECURITY_INFORMATION) == 0) ? null : this.Sacl);
Win32Helpers.SetNamedSecurityInfo(objectName, objectType, securityInfo,
ownerSid, groupSid, dacl, sacl);
}
private static void UnsafeSetDacl(SecurityDescriptor secDesc, Dacl dacl, bool defaulted)
{
secDesc.MakeAbsolute();
// First we have to get a copy of the old group ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldDacl = IntPtr.Zero;
if (!secDesc.IsNull)
{
BOOL oldDefaulted, oldPresent;
rc = Win32.GetSecurityDescriptorDacl(secDesc._secDesc, out oldPresent, ref pOldDacl, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
}
IntPtr pNewDacl = IntPtr.Zero;
try
{
if ((dacl != null) && !dacl.IsNull && !dacl.IsEmpty)
{
byte [] pacl = dacl.GetNativeACL();
pNewDacl = Win32.AllocGlobal(pacl.Length);
Marshal.Copy(pacl, 0, pNewDacl, pacl.Length);
}
bool present = ((dacl == null) || dacl.IsNull || (pNewDacl != IntPtr.Zero));
rc = Win32.SetSecurityDescriptorDacl(
secDesc._secDesc, (present ? Win32.TRUE : Win32.FALSE),
pNewDacl, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
Win32.FreeGlobal(pOldDacl);
}
catch
{
Win32.FreeGlobal(pNewDacl);
throw;
}
}
internal static unsafe void UnsafeSetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
fixed(byte *pSidOwner = (sidOwner != null ? sidOwner.GetNativeSID() : null))
{
fixed(byte *pSidGroup = (sidGroup != null ? sidGroup.GetNativeSID() : null))
{
fixed(byte *pDacl = (dacl != null ? dacl.GetNativeACL() : null))
{
fixed(byte *pSacl = (sacl != null ? sacl.GetNativeACL() : null))
{
DWORD rc = Win32.SetSecurityInfo(handle, ObjectType, SecurityInfo,
(IntPtr)pSidOwner, (IntPtr)pSidGroup, (IntPtr)pDacl, (IntPtr)pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
}
}
}
}
public static void SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetSecurityInfo (handle, ObjectType, SecurityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public static void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetNamedSecurityInfo (objectName, objectType, securityInfo,
sidOwner, sidGroup, dacl, sacl);
}
private static void UnsafeSetDacl(SecurityDescriptor secDesc, Dacl dacl, bool defaulted)
{
secDesc.MakeAbsolute();
// First we have to get a copy of the old group ptr, so that
// we can free it if everything goes well.
BOOL rc;
IntPtr pOldDacl = IntPtr.Zero;
if(!secDesc.IsNull)
{
BOOL oldDefaulted, oldPresent;
rc = Win32.GetSecurityDescriptorDacl(secDesc._secDesc, out oldPresent, ref pOldDacl, out oldDefaulted);
Win32.CheckCall(rc);
}
else
{
secDesc.AllocateAndInitializeSecurityDescriptor();
}
IntPtr pNewDacl = IntPtr.Zero;
try
{
if((dacl != null) && !dacl.IsNull && !dacl.IsEmpty)
{
byte []pacl = dacl.GetNativeACL();
pNewDacl = Win32.AllocGlobal(pacl.Length);
Marshal.Copy(pacl, 0, pNewDacl, pacl.Length);
}
bool present = ((dacl == null) || dacl.IsNull || (pNewDacl != IntPtr.Zero));
rc = Win32.SetSecurityDescriptorDacl(
secDesc._secDesc, (present ? Win32.TRUE : Win32.FALSE),
pNewDacl, (defaulted ? Win32.TRUE : Win32.FALSE));
Win32.CheckCall(rc);
Win32.FreeGlobal(pOldDacl);
}
catch
{
Win32.FreeGlobal(pNewDacl);
throw;
}
}
public void SetDacl(Dacl dacl, bool defaulted)
{
if (dacl == null)
throw new ArgumentException("Can't set null DACL on a security descriptor", "dacl");
UnsafeSetDacl(this, dacl, defaulted);
}
public void SetDacl(Dacl dacl)
{
SetDacl(dacl, false);
}
public void SetDacl(Dacl dacl)
{
SetDacl(dacl, false);
}
internal unsafe static void UnsafeSetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
byte[] pSidOwner = (sidOwner != null) ? sidOwner.GetNativeSID() : null;
byte[] pSidGroup = (sidGroup != null) ? sidGroup.GetNativeSID() : null;
byte[] pDacl = (dacl != null) ? dacl.GetNativeACL() : null;
byte[] pSacl = (sacl != null) ? sacl.GetNativeACL() : null;
DWORD rc = Win32.SetNamedSecurityInfo(objectName, objectType, securityInfo,
pSidOwner, pSidGroup, pDacl, pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
private static void AddAceForAccount(Dacl dacl, string account)
{
bool accountExists = true;
Sid sid = null;
try
{
sid = new Sid(account);
}
catch (COMException)
{
accountExists = false;
}
if (accountExists)
{
AceAccessAllowed netAce = new AceAccessAllowed(sid, AccessType.GENERIC_ALL, AceFlags.CONTAINER_INHERIT_ACE | AceFlags.OBJECT_INHERIT_ACE);
dacl.AddAce(netAce);
}
}
public static void GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out Sid sidOwner,
out Sid sidGroup,
out Dacl dacl,
out Sacl sacl,
out SecurityDescriptor secDesc)
{
sidOwner = null;
sidGroup = null;
dacl = null;
sacl = null;
secDesc = null;
IntPtr ptrOwnerSid = IntPtr.Zero;
IntPtr ptrGroupSid = IntPtr.Zero;
IntPtr ptrDacl = IntPtr.Zero;
IntPtr ptrSacl = IntPtr.Zero;
IntPtr ptrSecDesc = IntPtr.Zero;
DWORD rc = Win32.GetNamedSecurityInfo(objectName, objectType, securityInfo,
ref ptrOwnerSid, ref ptrGroupSid, ref ptrDacl, ref ptrSacl, ref ptrSecDesc);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
try
{
if (ptrOwnerSid != IntPtr.Zero)
{
sidOwner = new Sid(ptrOwnerSid);
}
if (ptrGroupSid != IntPtr.Zero)
{
sidGroup = new Sid(ptrGroupSid);
}
if (ptrDacl != IntPtr.Zero)
{
dacl = new Dacl(ptrDacl);
}
if (ptrSacl != IntPtr.Zero)
{
sacl = new Sacl(ptrSacl);
}
if (ptrSecDesc != IntPtr.Zero)
{
secDesc = new SecurityDescriptor(ptrSecDesc, true);
}
}
catch
{
if (ptrSecDesc != IntPtr.Zero)
{
Win32.LocalFree(ptrSecDesc);
}
throw;
}
}
public static void GetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out Sid sidOwner,
out Sid sidGroup,
out Dacl dacl,
out Sacl sacl,
out SecurityDescriptor secDesc)
{
sidOwner = null;
sidGroup = null;
dacl = null;
sacl = null;
secDesc = null;
IntPtr ptrOwnerSid = IntPtr.Zero;
IntPtr ptrGroupSid = IntPtr.Zero;
IntPtr ptrDacl = IntPtr.Zero;
IntPtr ptrSacl = IntPtr.Zero;
IntPtr ptrSecDesc = IntPtr.Zero;
DWORD rc = Win32.GetSecurityInfo(handle, objectType, securityInfo,
ref ptrOwnerSid, ref ptrGroupSid, ref ptrDacl, ref ptrSacl, ref ptrSecDesc);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
try
{
if (ptrOwnerSid != IntPtr.Zero)
sidOwner = new Sid(ptrOwnerSid);
if (ptrGroupSid != IntPtr.Zero)
sidGroup = new Sid(ptrGroupSid);
if (ptrDacl != IntPtr.Zero)
dacl = new Dacl(ptrDacl);
if (ptrSacl != IntPtr.Zero)
sacl = new Sacl(ptrSacl);
if (ptrSecDesc != IntPtr.Zero)
secDesc = new SecurityDescriptor(ptrSecDesc, true);
}
catch
{
if (ptrSecDesc != IntPtr.Zero)
Win32.LocalFree(ptrSecDesc);
throw;
}
}
