コード例 #1
0
		public SecurityDescriptor(
			SecurityIdentifier owner,
			SecurityIdentifier group,
			AccessControlList dacl,
			AccessControlList sacl,
			SecurityDescriptorControl control)
		{
			// create security descriptor
			_pSd = CreateSecurityDescriptor(
				owner == null ? IntPtr.Zero : owner.Handle,
				group == null ? IntPtr.Zero : group.Handle,
				dacl == null ? IntPtr.Zero : dacl.Handle,
				sacl == null ? IntPtr.Zero : sacl.Handle,
				control);

			// query properties
			uint revision;
			uint controlFlags;
			if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			_revision = (int)revision;
			_control = (SecurityDescriptorControl)controlFlags;
			_owner = owner;
			_group = group;
			_dacl = dacl;
			_sacl = sacl;
		}
コード例 #2
0
		public AccessControlEntry(SecurityIdentifier trustee, AccessControlEntryType aceType, AccessMask accessMask)
		{
			// parameters validation
			if (trustee == null)
				throw new ArgumentNullException("trustee");

			_aceType = aceType;
			_aceFlags = AccessControlEntryFlags.Normal;
			_accessMask = accessMask;
			Trustee = trustee;
		}
コード例 #3
0
		internal AccessControlEntry(IntPtr pAce)
		{
			// parameters validation
			if (pAce == IntPtr.Zero)
				throw new ArgumentNullException("pAce");

			// read ACE properties
			_aceType = (AccessControlEntryType)MarshalHelper.ReadByte(pAce, typeof(SecurityNative.ACE), "AceType");
			_aceFlags = (AccessControlEntryFlags)MarshalHelper.ReadByte(pAce, typeof(SecurityNative.ACE), "AceFlags");
			_accessMask = (AccessMask)MarshalHelper.ReadInt32(pAce, typeof(SecurityNative.ACE), "AccessMask");

			// read SID
			IntPtr pSid = IntPtrHelper.Add(pAce, Marshal.OffsetOf(typeof(SecurityNative.ACE), "SidStart"));
			Trustee = new SecurityIdentifier(pSid, true);
		}
コード例 #4
0
		internal SecurityDescriptor(IntPtr pSd, bool copy)
		{
			// get security descriptor information
			IntPtr pOwner;
			IntPtr pGroup;
			IntPtr pDacl;
			IntPtr pSacl;
			SecurityDescriptorControl control;

			GetSecurityDescriptorInfo(
				pSd,
				out pOwner,
				out pGroup,
				out pDacl,
				out pSacl,
				out control);

			bool copyStructs;
			if (copy)
			{
				// create security descriptor
				_pSd = CreateSecurityDescriptor(pOwner, pGroup, pDacl, pSacl, control);
				copyStructs = true;
			}
			else
			{
				// store pointer
				_pSd = new LocalAllocHandle(pSd);
				copyStructs = (control & SecurityDescriptorControl.SelfRelative) != 0;
			}

			// query properties
			uint revision;
			uint controlFlags;
			if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
				throw new Win32Exception(Marshal.GetLastWin32Error());

			_revision = (int)revision;
			_control = (SecurityDescriptorControl)controlFlags;

			if (pOwner != IntPtr.Zero)
				_owner = new SecurityIdentifier(pOwner, copyStructs);
			if (pGroup != IntPtr.Zero)
				_group = new SecurityIdentifier(pGroup, copyStructs);
			if (pDacl != IntPtr.Zero)
				_dacl = new AccessControlList(pDacl, copyStructs);
			if (pSacl != IntPtr.Zero)
				_sacl = new AccessControlList(pSacl, copyStructs);
		}
コード例 #5
0
		public SecurityDescriptor(SecurityIdentifier owner, SecurityIdentifier group, AccessControlList dacl, AccessControlList sacl)
			: this(owner, group, dacl, sacl, 0)
		{
		}
コード例 #6
0
		/// <summary>
		/// Compares two SID prefixes
		/// </summary>
		public bool ComparePrefix(SecurityIdentifier sid)
		{
			return SecurityNative.EqualPrefixSid(_pSid, sid.Handle);
		}
コード例 #7
0
		/// <summary>
		/// Returns account name for the SID
		/// </summary>
		public static string LookupAccount(string systemName, SecurityIdentifier accountSid)
		{
			// parameters validation
			if (accountSid == null)
				throw new ArgumentNullException("accountSid");

			uint cbAccountName = 256;
			IntPtr pAccountName = IntPtr.Zero;

			uint cbDomainName = 256;
			IntPtr pDomainName = IntPtr.Zero;

			try
			{
				while (true)
				{
					// allocate buffers
					pAccountName = Win32.LocalAlloc(Win32.LMEM_FIXED, cbAccountName);
					pDomainName = Win32.LocalAlloc(Win32.LMEM_FIXED, cbDomainName);

					if ((pAccountName == IntPtr.Zero) || (pDomainName == IntPtr.Zero))
						throw new Win32Exception(Marshal.GetLastWin32Error());

					// lookup for account
					int accountType;
					if (SecurityNative.LookupAccountSid(
						systemName,
						accountSid.Handle,
						pAccountName,
						ref cbAccountName,
						pDomainName,
						ref cbDomainName,
						out accountType))
					{
						return Marshal.PtrToStringUni(pDomainName) + "\\" + Marshal.PtrToStringUni(pAccountName);
					}
					else
					{
						int error = Marshal.GetLastWin32Error();
						if (error != Win32.ERROR_OUTOFMEMORY)
							throw new Win32Exception(error);
					}
				}
			}
			finally
			{
				if (pAccountName != IntPtr.Zero)
					Win32.LocalFree(pAccountName);
				if (pDomainName != IntPtr.Zero)
					Win32.LocalFree(pDomainName);
			}
		}
コード例 #8
0
        internal SecurityDescriptor(IntPtr pSd, bool copy)
        {
            // get security descriptor information
            IntPtr pOwner;
            IntPtr pGroup;
            IntPtr pDacl;
            IntPtr pSacl;
            SecurityDescriptorControl control;

            GetSecurityDescriptorInfo(
                pSd,
                out pOwner,
                out pGroup,
                out pDacl,
                out pSacl,
                out control);

            bool copyStructs;

            if (copy)
            {
                // create security descriptor
                _pSd        = CreateSecurityDescriptor(pOwner, pGroup, pDacl, pSacl, control);
                copyStructs = true;
            }
            else
            {
                // store pointer
                _pSd        = new LocalAllocHandle(pSd);
                copyStructs = (control & SecurityDescriptorControl.SelfRelative) != 0;
            }

            // query properties
            uint revision;
            uint controlFlags;

            if (!SecurityNative.GetSecurityDescriptorControl(_pSd, out controlFlags, out revision))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            _revision = (int)revision;
            _control  = (SecurityDescriptorControl)controlFlags;

            if (pOwner != IntPtr.Zero)
            {
                _owner = new SecurityIdentifier(pOwner, copyStructs);
            }
            if (pGroup != IntPtr.Zero)
            {
                _group = new SecurityIdentifier(pGroup, copyStructs);
            }
            if (pDacl != IntPtr.Zero)
            {
                _dacl = new AccessControlList(pDacl, copyStructs);
            }
            if (pSacl != IntPtr.Zero)
            {
                _sacl = new AccessControlList(pSacl, copyStructs);
            }
        }
コード例 #9
0
 public SecurityDescriptor(SecurityIdentifier owner, SecurityIdentifier group, AccessControlList dacl, AccessControlList sacl)
     : this(owner, group, dacl, sacl, 0)
 {
 }
コード例 #10
0
 /// <summary>
 /// Compares two SID prefixes
 /// </summary>
 public bool ComparePrefix(SecurityIdentifier sid)
 {
     return(SecurityNative.EqualPrefixSid(_pSid, sid.Handle));
 }
コード例 #11
0
        /// <summary>
        /// Returns account name for the SID
        /// </summary>
        public static string LookupAccount(string systemName, SecurityIdentifier accountSid)
        {
            // parameters validation
            if (accountSid == null)
            {
                throw new ArgumentNullException("accountSid");
            }

            uint   cbAccountName = 256;
            IntPtr pAccountName  = IntPtr.Zero;

            uint   cbDomainName = 256;
            IntPtr pDomainName  = IntPtr.Zero;

            try
            {
                while (true)
                {
                    // allocate buffers
                    pAccountName = Win32.LocalAlloc(Win32.LMEM_FIXED, cbAccountName);
                    pDomainName  = Win32.LocalAlloc(Win32.LMEM_FIXED, cbDomainName);

                    if ((pAccountName == IntPtr.Zero) || (pDomainName == IntPtr.Zero))
                    {
                        throw new Win32Exception(Marshal.GetLastWin32Error());
                    }

                    // lookup for account
                    int accountType;
                    if (SecurityNative.LookupAccountSid(
                            systemName,
                            accountSid.Handle,
                            pAccountName,
                            ref cbAccountName,
                            pDomainName,
                            ref cbDomainName,
                            out accountType))
                    {
                        return(Marshal.PtrToStringUni(pDomainName) + "\\" + Marshal.PtrToStringUni(pAccountName));
                    }
                    else
                    {
                        int error = Marshal.GetLastWin32Error();
                        if (error != Win32.ERROR_OUTOFMEMORY)
                        {
                            throw new Win32Exception(error);
                        }
                    }
                }
            }
            finally
            {
                if (pAccountName != IntPtr.Zero)
                {
                    Win32.LocalFree(pAccountName);
                }
                if (pDomainName != IntPtr.Zero)
                {
                    Win32.LocalFree(pDomainName);
                }
            }
        }