コード例 #1
0
        public static string GetCentralAccessPolicyName(PSObject instance)
        {
            string             stringUni;
            SecurityIdentifier centralAccessPolicyId = SecurityDescriptorCommandsBase.GetCentralAccessPolicyId(instance);
            int binaryLength = centralAccessPolicyId.BinaryLength;

            byte[] numArray = new byte[binaryLength];
            centralAccessPolicyId.GetBinaryForm(numArray, 0);
            IntPtr zero   = IntPtr.Zero;
            IntPtr intPtr = Marshal.AllocHGlobal(binaryLength);

            try
            {
                Marshal.Copy(numArray, 0, intPtr, binaryLength);
                IntPtr[] intPtrArray = new IntPtr[1];
                intPtrArray[0] = intPtr;
                int num  = 0;
                int num1 = NativeMethods.LsaQueryCAPs(intPtrArray, 1, out zero, out num);
                if (num1 == 0)
                {
                    if (num == 0 || zero == IntPtr.Zero)
                    {
                        stringUni = null;
                    }
                    else
                    {
                        NativeMethods.CENTRAL_ACCESS_POLICY structure = (NativeMethods.CENTRAL_ACCESS_POLICY)Marshal.PtrToStructure(zero, typeof(NativeMethods.CENTRAL_ACCESS_POLICY));
                        stringUni = Marshal.PtrToStringUni(structure.Name.Buffer, structure.Name.Length / 2);
                    }
                }
                else
                {
                    throw new Win32Exception(num1);
                }
            }
            finally
            {
                Marshal.FreeHGlobal(intPtr);
                NativeMethods.LsaFreeMemory(zero);
            }
            return(stringUni);
        }
コード例 #2
0
        public static SecurityIdentifier GetCentralAccessPolicyId(PSObject instance)
        {
            SecurityIdentifier securityIdentifier;
            SessionState       sessionState = new SessionState();
            string             unresolvedProviderPathFromPSPath = sessionState.Path.GetUnresolvedProviderPathFromPSPath(SecurityDescriptorCommandsBase.GetPath(instance));
            IntPtr             zero    = IntPtr.Zero;
            IntPtr             intPtr  = IntPtr.Zero;
            IntPtr             zero1   = IntPtr.Zero;
            IntPtr             intPtr1 = IntPtr.Zero;
            IntPtr             zero2   = IntPtr.Zero;

            try
            {
                int namedSecurityInfo = NativeMethods.GetNamedSecurityInfo(unresolvedProviderPathFromPSPath, NativeMethods.SeObjectType.SE_FILE_OBJECT, NativeMethods.SecurityInformation.SCOPE_SECURITY_INFORMATION, out zero, out intPtr, out zero1, out intPtr1, out zero2);
                if (namedSecurityInfo == 0)
                {
                    if (intPtr1 != IntPtr.Zero)
                    {
                        NativeMethods.ACL structure = (NativeMethods.ACL)Marshal.PtrToStructure(intPtr1, typeof(NativeMethods.ACL));
                        if (structure.AceCount != 0)
                        {
                            NativeMethods.ACL aCL     = new NativeMethods.ACL();
                            IntPtr            aceSize = intPtr1 + Marshal.SizeOf(aCL);
                            for (uint i = 0; i < structure.AceCount; i++)
                            {
                                NativeMethods.ACE_HEADER aCEHEADER = (NativeMethods.ACE_HEADER)Marshal.PtrToStructure(aceSize, typeof(NativeMethods.ACE_HEADER));
                                if ((aCEHEADER.AceFlags & 8) == 0)
                                {
                                    break;
                                }
                                aceSize = aceSize + aCEHEADER.AceSize;
                            }
                            NativeMethods.SYSTEM_AUDIT_ACE sYSTEMAUDITACE = new NativeMethods.SYSTEM_AUDIT_ACE();
                            IntPtr intPtr2 = aceSize + Marshal.SizeOf(sYSTEMAUDITACE) - Marshal.SizeOf((uint)0);
                            bool   flag    = NativeMethods.IsValidSid(intPtr2);
                            if (flag)
                            {
                                securityIdentifier = new SecurityIdentifier(intPtr2);
                            }
                            else
                            {
                                throw new Win32Exception(Marshal.GetLastWin32Error());
                            }
                        }
                        else
                        {
                            securityIdentifier = null;
                        }
                    }
                    else
                    {
                        securityIdentifier = null;
                    }
                }
                else
                {
                    throw new Win32Exception(namedSecurityInfo);
                }
            }
            finally
            {
                NativeMethods.LocalFree(zero2);
            }
            return(securityIdentifier);
        }
コード例 #3
0
ファイル: GetAclCommand.cs プロジェクト: modulexcite/pash-1
        protected override void ProcessRecord()
        {
            AccessControlSections accessControlSection = AccessControlSections.Access | AccessControlSections.Owner | AccessControlSections.Group;

            if (this.audit)
            {
                accessControlSection = accessControlSection | AccessControlSections.Audit;
            }
            if (this.inputObject == null)
            {
                string[] path = this.Path;
                for (int i = 0; i < (int)path.Length; i++)
                {
                    string        str  = path[i];
                    List <string> strs = new List <string>();
                    string        str1 = null;
                    try
                    {
                        if (!this.isLiteralPath)
                        {
                            Collection <PathInfo> resolvedPSPathFromPSPath = base.SessionState.Path.GetResolvedPSPathFromPSPath(str, base.CmdletProviderContext);
                            foreach (PathInfo pathInfo in resolvedPSPathFromPSPath)
                            {
                                strs.Add(pathInfo.Path);
                            }
                        }
                        else
                        {
                            strs.Add(base.SessionState.Path.GetUnresolvedProviderPathFromPSPath(str));
                        }
                        foreach (string str2 in strs)
                        {
                            str1 = str2;
                            CmdletProviderContext cmdletProviderContext = new CmdletProviderContext(base.Context);
                            cmdletProviderContext.SuppressWildcardExpansion = true;
                            if (base.InvokeProvider.Item.Exists(str2, false, this.isLiteralPath))
                            {
                                base.InvokeProvider.SecurityDescriptor.Get(str2, accessControlSection, cmdletProviderContext);
                                Collection <PSObject> accumulatedObjects = cmdletProviderContext.GetAccumulatedObjects();
                                if (accumulatedObjects == null)
                                {
                                    continue;
                                }
                                SecurityDescriptorCommandsBase.AddBrokeredProperties(accumulatedObjects, this.audit, this.allCentralAccessPolicies);
                                base.WriteObject(accumulatedObjects, true);
                            }
                            else
                            {
                                ErrorRecord errorRecord = SecurityUtils.CreatePathNotFoundErrorRecord(str2, "GetAcl_PathNotFound");
                                base.WriteError(errorRecord);
                            }
                        }
                    }
                    catch (NotSupportedException notSupportedException)
                    {
                        object[] objArray = new object[1];
                        objArray[0] = str1;
                        ErrorRecord errorRecord1 = SecurityUtils.CreateNotSupportedErrorRecord(UtilsStrings.OperationNotSupportedOnPath, "GetAcl_OperationNotSupported", objArray);
                        base.WriteError(errorRecord1);
                    }
                    catch (ItemNotFoundException itemNotFoundException)
                    {
                        ErrorRecord errorRecord2 = SecurityUtils.CreatePathNotFoundErrorRecord(str, "GetAcl_PathNotFound_Exception");
                        base.WriteError(errorRecord2);
                    }
                }
            }
            else
            {
                PSMethodInfo item = this.inputObject.Methods["GetSecurityDescriptor"];
                if (item == null)
                {
                    ErrorRecord errorRecord3 = SecurityUtils.CreateNotSupportedErrorRecord(UtilsStrings.GetMethodNotFound, "GetAcl_OperationNotSupported", new object[0]);
                    base.WriteError(errorRecord3);
                    return;
                }
                else
                {
                    object commonSecurityDescriptor = null;
                    try
                    {
                        commonSecurityDescriptor = PSObject.Base(item.Invoke(new object[0]));
                        if (commonSecurityDescriptor as FileSystemSecurity == null)
                        {
                            commonSecurityDescriptor = new CommonSecurityDescriptor(false, false, commonSecurityDescriptor.ToString());
                        }
                    }
                    catch (Exception exception1)
                    {
                        Exception exception = exception1;
                        CommandProcessorBase.CheckForSevereException(exception);
                        ErrorRecord errorRecord4 = SecurityUtils.CreateNotSupportedErrorRecord(UtilsStrings.MethodInvokeFail, "GetAcl_OperationNotSupported", new object[0]);
                        base.WriteError(errorRecord4);
                        return;
                    }
                    base.WriteObject(commonSecurityDescriptor, true);
                    return;
                }
            }
        }