/// <summary>Applies a DACL to the specified printer.</summary>
/// <param name="szPrinterName">Name of the printer to open.</param>
/// <param name="pDacl">The DACL to store in the printer's security descriptor.</param>
/// <returns>
/// <c>true</c> if the printer was opened, the descriptor was built and SetPrinter succeeded; <c>false</c> as soon
/// as any of those steps fails. The failing step and its error code are not reported to the caller.
/// </returns>
/// <remarks>
/// The printer handle is requested with READ_CONTROL | WRITE_DAC only. The DACL is stored with the "present" flag
/// set to true, and the Win32 documentation for SetSecurityDescriptorDacl states that a null DACL pointer combined
/// with that flag yields a NULL DACL, which allows all access. Callers should make sure <paramref name="pDacl"/>
/// is a real ACL before calling.
/// </remarks>
static bool SetPrinterDACL(string szPrinterName, PACL pDacl)
{
    var printerDefaults = new PRINTER_DEFAULTS { DesiredAccess = ACCESS_MASK.READ_CONTROL | ACCESS_MASK.WRITE_DAC };
    if (!OpenPrinter(szPrinterName, out var hPrinter, printerDefaults))
    {
        return false;
    }

    // The printer handle is released when this scope ends, on every return path.
    using (hPrinter)
    {
        // NOTE(review): the descriptor is not disposed here; if SafePSECURITY_DESCRIPTOR owns native memory,
        // confirm it is released deterministically rather than left to finalization.
        var descriptor = new SafePSECURITY_DESCRIPTOR();
        if (!SetSecurityDescriptorDacl(descriptor, true, pDacl, false))
        {
            return false;
        }

        // Level-3 printer info carries only the security descriptor.
        var securityInfo = new PRINTER_INFO_3 { pSecurityDescriptor = descriptor };
        if (!SetPrinter(hPrinter, securityInfo))
        {
            return false;
        }
    }

    return true;
}
/// <summary>Lazily enumerates the ACEs held by an ACL.</summary>
/// <param name="pAcl">A pointer to the ACL whose ACEs are to be retrieved.</param>
/// <returns>A sequence of PACE values, one per index from zero up to the ACL's ACE count.</returns>
/// <remarks>
/// The ACE count is re-read before every element, and each element is fetched only when the caller advances the
/// sequence. The returned values are pointers obtained from the ACL, so they should not be used after the ACL
/// memory has been freed or rewritten.
/// </remarks>
public static IEnumerable<PACE> EnumerateAces(this PACL pAcl)
{
    var index = 0U;
    while (index < pAcl.AceCount())
    {
        yield return GetAce(pAcl, index);
        index++;
    }
}
/// <summary>
/// Declaration for the native <c>SetSecurityInfo</c> function, which sets security information on an object
/// identified by a handle.
/// </summary>
/// <param name="handle">Handle of the object whose security information is set.</param>
/// <param name="ObjectType">The kind of object the handle refers to.</param>
/// <param name="SecurityInfo">Flags selecting which of the owner, group, DACL and SACL arguments are applied.</param>
/// <param name="psidOwner">Owner SID; used only when the owner flag is set in <paramref name="SecurityInfo"/>.</param>
/// <param name="psidGroup">Primary group SID; used only when the group flag is set.</param>
/// <param name="pDacl">New DACL; used only when the DACL flag is set.</param>
/// <param name="pSacl">New SACL; used only when the SACL flag is set.</param>
/// <returns>
/// A Win32 error code as a DWORD. Per the Win32 documentation, ERROR_SUCCESS (0) means success, so the value must be
/// compared against zero and not treated as a boolean.
/// </returns>
/// <remarks>
/// The handle must have been opened with the access right matching each part being changed (WRITE_DAC for the
/// DACL, WRITE_OWNER for the owner, ACCESS_SYSTEM_SECURITY for the SACL).
/// NOTE(review): the DllImport attribute is not visible here; confirm the library and marshaling settings.
/// </remarks>
public static extern DWORD SetSecurityInfo(
    HANDLE handle,
    SE_OBJECT_TYPE ObjectType,
    SECURITY_INFORMATION SecurityInfo,
    PSID psidOwner,
    PSID psidGroup,
    PACL pDacl,
    PACL pSacl);
/// <summary>Reads the ACE at the given index of an ACL and marshals it as an ACCESS_ALLOWED_ACE.</summary>
/// <param name="pAcl">A pointer to the ACL that contains the ACE.</param>
/// <param name="aceIndex">Zero-based index of the ACE to retrieve.</param>
/// <returns>The ACE memory interpreted as an <c>ACCESS_ALLOWED_ACE</c> structure.</returns>
/// <exception cref="System.ComponentModel.Win32Exception">The native GetAce call reported failure.</exception>
/// <remarks>
/// The ACE is always marshaled as ACCESS_ALLOWED_ACE without inspecting its header, so a deny, audit or object
/// ACE at this index is returned under the wrong type. Callers should check the ACE type in the returned header
/// before trusting the mask and SID fields.
/// NOTE(review): the parameterless Win32Exception reads the thread's last error, which is only meaningful if the
/// native import preserves it; confirm on the declaration.
/// </remarks>
public static ACCESS_ALLOWED_ACE GetAce(PACL pAcl, int aceIndex)
{
    if (!AdvApi32.GetAce(pAcl, aceIndex, out var acePtr))
    {
        throw new System.ComponentModel.Win32Exception();
    }

    var marshaledAce = Marshal.PtrToStructure((IntPtr)acePtr, typeof(ACCESS_ALLOWED_ACE));
    return (ACCESS_ALLOWED_ACE)marshaledAce;
}
/// <summary>Copies the bytes of a native ACL into a managed <c>RawAcl</c>.</summary>
/// <param name="pAcl">The pointer to the native ACL.</param>
/// <returns>A <c>RawAcl</c> built from a managed copy of the ACL bytes.</returns>
/// <remarks>
/// The number of bytes copied comes from GetAclSize, i.e. it is derived from the ACL being read. The pointer
/// must therefore reference a well-formed ACL; no independent bound is applied to the copy.
/// </remarks>
public static RawAcl RawAclFromPtr(PACL pAcl)
{
    var byteCount = GetAclSize(pAcl);
    var managedCopy = new byte[byteCount];

    // Copy out of native memory so the RawAcl does not depend on the lifetime of pAcl.
    Marshal.Copy((IntPtr)pAcl, managedCopy, 0, (int)byteCount);

    return new RawAcl(managedCopy, 0);
}
/// <summary>
/// Declaration for the native <c>SetNamedSecurityInfo</c> function, which sets security information on an object
/// identified by name.
/// </summary>
/// <param name="pObjectName">Name of the object whose security information is set.</param>
/// <param name="ObjectType">The kind of object the name refers to.</param>
/// <param name="SecurityInfo">Flags selecting which of the owner, group, DACL and SACL arguments are applied.</param>
/// <param name="psidOwner">Owner SID; used only when the owner flag is set in <paramref name="SecurityInfo"/>.</param>
/// <param name="psidGroup">Primary group SID; used only when the group flag is set.</param>
/// <param name="pDacl">New DACL; used only when the DACL flag is set.</param>
/// <param name="pSacl">New SACL; used only when the SACL flag is set.</param>
/// <returns>
/// A Win32 error code as a DWORD. Per the Win32 documentation, ERROR_SUCCESS (0) means success, so the value must be
/// compared against zero and not treated as a boolean.
/// </returns>
/// <remarks>
/// Because the object is resolved by name at call time, the caller should make sure the name refers to the
/// intended object and not to a path another party can redirect.
/// NOTE(review): the DllImport attribute is not visible here; confirm the CharSet matches the string type used.
/// </remarks>
public static extern DWORD SetNamedSecurityInfo(
    LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR
    SE_OBJECT_TYPE ObjectType,
    SECURITY_INFORMATION SecurityInfo,
    PSID psidOwner,
    PSID psidGroup,
    PACL pDacl,
    PACL pSacl);
/// <summary>
/// Internal declaration for the native <c>GetSecurityInfo</c> function, taking a <c>SafeFileHandle</c> and
/// returning the security descriptor through an <c>out</c> parameter.
/// </summary>
/// <param name="handle">Safe handle of the object to query.</param>
/// <param name="objectType">The kind of object the handle refers to.</param>
/// <param name="infoClass">Flags selecting which parts of the security information are requested.</param>
/// <param name="owner">Passed by value. NOTE(review): presumably a null value meaning "not requested"; confirm.</param>
/// <param name="group">Passed by value. NOTE(review): presumably a null value meaning "not requested"; confirm.</param>
/// <param name="dacl">Passed by value. NOTE(review): presumably a null value meaning "not requested"; confirm.</param>
/// <param name="sacl">Passed by value. NOTE(review): presumably a null value meaning "not requested"; confirm.</param>
/// <param name="securityDescriptor">Receives the pointer to the returned security descriptor.</param>
/// <returns>
/// A Win32 error code as a DWORD; ERROR_SUCCESS (0) means success per the Win32 documentation.
/// </returns>
/// <remarks>
/// The Win32 documentation requires the returned security descriptor to be freed with LocalFree. Nothing in this
/// declaration does that, so the caller owns the release.
/// </remarks>
internal static extern DWORD GetSecurityInfo(
    SafeFileHandle handle,
    ObjectType objectType,
    SecurityInformationClass infoClass,
    PSID owner,
    PSID group,
    PACL dacl,
    PACL sacl,
    out PSECURITY_DESCRIPTOR securityDescriptor);
/// <summary>
/// Declaration for the native <c>GetNamedSecurityInfo</c> function, which retrieves the security descriptor of an
/// object identified by name.
/// </summary>
/// <param name="pObjectName">Name of the object to query.</param>
/// <param name="ObjectType">The kind of object the name refers to.</param>
/// <param name="SecurityInfo">Flags selecting which parts of the security information are requested.</param>
/// <param name="ppsidOwner">Receives a pointer to the owner SID.</param>
/// <param name="ppsidGroup">Receives a pointer to the primary group SID.</param>
/// <param name="ppDacl">Receives a pointer to the DACL.</param>
/// <param name="ppSacl">Receives a pointer to the SACL.</param>
/// <param name="ppSecurityDescriptor">Receives a pointer to the security descriptor.</param>
/// <returns>
/// A Win32 error code as a DWORD; ERROR_SUCCESS (0) means success per the Win32 documentation.
/// </returns>
/// <remarks>
/// Per the Win32 documentation the owner, group, DACL and SACL pointers refer to memory inside the returned
/// security descriptor, and the descriptor must be freed with LocalFree. The four pointers must not be used after
/// that release.
/// </remarks>
public static extern DWORD GetNamedSecurityInfo(
    LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR
    SE_OBJECT_TYPE ObjectType,
    SECURITY_INFORMATION SecurityInfo,
    ref PSID ppsidOwner,
    ref PSID ppsidGroup,
    ref PACL ppDacl,
    ref PACL ppSacl,
    ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
/// <summary>
/// Declaration for the native <c>GetSecurityInfo</c> function, which retrieves the security descriptor of an
/// object identified by a handle.
/// </summary>
/// <param name="handle">Handle of the object to query.</param>
/// <param name="ObjectType">The kind of object the handle refers to.</param>
/// <param name="SecurityInfo">Flags selecting which parts of the security information are requested.</param>
/// <param name="ppsidOwner">Receives a pointer to the owner SID.</param>
/// <param name="ppsidGroup">Receives a pointer to the primary group SID.</param>
/// <param name="ppDacl">Receives a pointer to the DACL.</param>
/// <param name="ppSacl">Receives a pointer to the SACL.</param>
/// <param name="ppSecurityDescriptor">Receives a pointer to the security descriptor.</param>
/// <returns>
/// A Win32 error code as a DWORD; ERROR_SUCCESS (0) means success per the Win32 documentation.
/// </returns>
/// <remarks>
/// Per the Win32 documentation the owner, group, DACL and SACL pointers refer to memory inside the returned
/// security descriptor, and the descriptor must be freed with LocalFree. The four pointers must not be used after
/// that release.
/// </remarks>
public static extern DWORD GetSecurityInfo(
    HANDLE handle,
    SE_OBJECT_TYPE ObjectType,
    SECURITY_INFORMATION SecurityInfo,
    ref PSID ppsidOwner,
    ref PSID ppsidGroup,
    ref PACL ppDacl,
    ref PACL ppSacl,
    ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
/// <summary>Queries the size information (ACE count and byte usage) of an ACL.</summary>
/// <param name="pAcl">The pointer to the ACL to query.</param>
/// <returns>The <c>ACL_SIZE_INFORMATION</c> filled in by GetAclInformation.</returns>
/// <exception cref="System.ComponentModel.Win32Exception">GetAclInformation reported failure.</exception>
/// <remarks>
/// NOTE(review): the parameterless Win32Exception reads the thread's last error, which is only meaningful if the
/// native import preserves it; confirm on the declaration.
/// </remarks>
public static ACL_SIZE_INFORMATION GetAclInfo(PACL pAcl)
{
    var sizeInfo = new ACL_SIZE_INFORMATION();

    // The native call needs the byte size of the structure it is asked to fill.
    var structSize = (uint)Marshal.SizeOf(sizeInfo);

    if (!GetAclInformation(pAcl, ref sizeInfo, structSize, ACL_INFORMATION_CLASS.AclSizeInformation))
    {
        throw new System.ComponentModel.Win32Exception();
    }

    return sizeInfo;
}
/// <summary>
/// Declaration for the native <c>MakeAbsoluteSD</c> function, which builds an absolute-format security descriptor
/// from a self-relative one.
/// </summary>
/// <param name="pSelfRelativeSD">The self-relative security descriptor to convert.</param>
/// <param name="pAbsoluteSD">Buffer that receives the absolute security descriptor.</param>
/// <param name="lpdwAbsoluteSDSize">On input the size of <paramref name="pAbsoluteSD"/>; updated by the call.</param>
/// <param name="pDacl">Buffer that receives the DACL.</param>
/// <param name="lpdwDaclSize">On input the size of <paramref name="pDacl"/>; updated by the call.</param>
/// <param name="pSacl">Buffer that receives the SACL.</param>
/// <param name="lpdwSaclSize">On input the size of <paramref name="pSacl"/>; updated by the call.</param>
/// <param name="pOwner">Buffer that receives the owner SID.</param>
/// <param name="lpdwOwnerSize">On input the size of <paramref name="pOwner"/>; updated by the call.</param>
/// <param name="pPrimaryGroup">Buffer that receives the primary group SID.</param>
/// <param name="lpdwPrimaryGroupSize">On input the size of <paramref name="pPrimaryGroup"/>; updated by the call.</param>
/// <returns>Nonzero on success, zero on failure.</returns>
/// <remarks>
/// Per the Win32 documentation, when a buffer is too small the call fails and the size parameters receive the
/// required sizes. Every buffer passed here must be at least as large as the size value passed with it.
/// </remarks>
public static extern BOOL MakeAbsoluteSD(
    PSECURITY_DESCRIPTOR pSelfRelativeSD,
    PSECURITY_DESCRIPTOR pAbsoluteSD,
    ref DWORD lpdwAbsoluteSDSize,
    PACL pDacl,
    ref DWORD lpdwDaclSize,
    PACL pSacl,
    ref DWORD lpdwSaclSize,
    PSID pOwner,
    ref DWORD lpdwOwnerSize,
    PSID pPrimaryGroup,
    ref DWORD lpdwPrimaryGroupSize
    );
/// <summary>
/// Declaration for the native <c>AddAce</c> function, which inserts one or more ACEs into an ACL at a given
/// position.
/// </summary>
/// <param name="pAcl">The ACL to modify.</param>
/// <param name="dwAceRevision">Revision level of the ACL being modified.</param>
/// <param name="dwStartingAceIndex">Position in the ACL at which the ACEs are inserted.</param>
/// <param name="pAceList">Pointer to the contiguous list of ACEs to add.</param>
/// <param name="nAceListLength">Size, in bytes, of the data at <paramref name="pAceList"/>.</param>
/// <returns>Nonzero on success, zero on failure.</returns>
/// <remarks>
/// The function inserts ACEs where it is told to and does not reorder them. Since ACEs are evaluated in order,
/// the caller is responsible for keeping deny entries ahead of allow entries. The ACL buffer must also have
/// enough free space for <paramref name="nAceListLength"/> bytes.
/// </remarks>
public static extern BOOL AddAce(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD dwStartingAceIndex,
    LPVOID pAceList,
    DWORD nAceListLength);
/// <summary>Declaration for the native <c>InitializeAcl</c> function, which initializes a new ACL structure.</summary>
/// <param name="pAcl">Caller-allocated buffer that receives the initialized ACL.</param>
/// <param name="nAclLength">Size, in bytes, of the buffer at <paramref name="pAcl"/>.</param>
/// <param name="dwAclRevision">Revision level to stamp into the ACL.</param>
/// <returns>Nonzero on success, zero on failure.</returns>
/// <remarks>
/// A freshly initialized ACL contains no ACEs. Per the Win32 documentation, an empty DACL applied to an object
/// denies all access, which is the opposite of a NULL DACL; add the intended ACEs before applying it.
/// </remarks>
public static extern BOOL InitializeAcl(
    PACL pAcl,
    DWORD nAclLength,
    DWORD dwAclRevision);
/// <summary>
/// Declaration for the native <c>SetSecurityDescriptorSacl</c> function, which sets the SACL information in a
/// security descriptor.
/// </summary>
/// <param name="pSecurityDescriptor">The security descriptor to modify.</param>
/// <param name="bSaclPresent">Whether the descriptor should be marked as containing a SACL.</param>
/// <param name="pSacl">The SACL to store in the descriptor.</param>
/// <param name="bSaclDefaulted">Whether the SACL came from a default mechanism instead of being set explicitly.</param>
/// <returns>Nonzero on success, zero on failure.</returns>
/// <remarks>
/// The SACL holds the object's audit entries, so replacing it changes what access is logged. Per the Win32
/// documentation the descriptor must be in absolute format, and it references <paramref name="pSacl"/> without
/// copying it, so the SACL memory must outlive the descriptor.
/// </remarks>
public static extern BOOL SetSecurityDescriptorSacl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    BOOL bSaclPresent,
    PACL pSacl,
    BOOL bSaclDefaulted
    );
/// <summary>Builds the managed <see cref="RawAcl"/> equivalent of a native ACL.</summary>
/// <param name="pAcl">The pointer to an ACL structure.</param>
/// <returns>A <see cref="RawAcl"/> created from a managed copy of the ACL bytes.</returns>
/// <remarks>
/// The number of bytes copied is whatever <c>Length()</c> reports for <paramref name="pAcl"/>, so the copy is
/// only as trustworthy as the ACL it is reading.
/// </remarks>
public static RawAcl RawAclFromPtr(PACL pAcl)
{
    var aclAddress = (IntPtr)pAcl;
    var aclLength = (int)pAcl.Length();
    var aclBytes = aclAddress.ToArray<byte>(aclLength);
    return new RawAcl(aclBytes, 0);
}
/// <summary>
/// Declaration for the native <c>AddResourceAttributeAce</c> function, which adds a resource-attribute ACE to an
/// ACL.
/// </summary>
/// <param name="pAcl">The ACL to modify.</param>
/// <param name="dwAceRevision">Revision level of the ACL being modified.</param>
/// <param name="AceFlags">Flags controlling ACE inheritance.</param>
/// <param name="AccessMask">Access mask stored in the ACE. NOTE(review): check the permitted values in the Win32 documentation.</param>
/// <param name="pSid">SID stored in the ACE. NOTE(review): check the permitted values in the Win32 documentation.</param>
/// <param name="pAttributeInfo">The claim security attribute information to attach.</param>
/// <param name="pReturnLength">Receives a length value from the call; passed by reference.</param>
/// <returns><c>true</c> on success; otherwise <c>false</c>.</returns>
public static extern bool AddResourceAttributeAce(
    PACL pAcl,
    uint dwAceRevision,
    uint AceFlags,
    uint AccessMask,
    PSID pSid,
    ref CLAIM_SECURITY_ATTRIBUTES_INFORMATION pAttributeInfo,
    ref uint pReturnLength);
/// <summary>Gets the number of ACEs in an ACL by forwarding to <c>AceCount()</c>.</summary>
/// <param name="pAcl">The pointer to the ACL to query.</param>
/// <returns>Whatever <c>AceCount()</c> returns for <paramref name="pAcl"/>.</returns>
public static uint GetAceCount(this PACL pAcl)
{
    return pAcl.AceCount();
}
/// <summary>Gets the number of ACEs in an ACL from its size information.</summary>
/// <param name="pAcl">The pointer to the ACL to query.</param>
/// <returns>The <c>AceCount</c> field of the structure returned by <c>GetAclInfo</c>.</returns>
/// <remarks>Any exception raised by <c>GetAclInfo</c> propagates to the caller.</remarks>
public static uint GetAceCount(PACL pAcl)
{
    var sizeInfo = GetAclInfo(pAcl);
    return sizeInfo.AceCount;
}
/// <summary>Gets the size of an ACL by forwarding to <c>Length()</c>.</summary>
/// <param name="pAcl">The pointer to the ACL to query.</param>
/// <returns>Whatever <c>Length()</c> returns for <paramref name="pAcl"/>.</returns>
public static uint GetAclSize(PACL pAcl)
{
    return pAcl.Length();
}
/// <summary>Gets the number of bytes in use by an ACL from its size information.</summary>
/// <param name="pAcl">The pointer to the ACL to query.</param>
/// <returns>The <c>AclBytesInUse</c> field of the structure returned by <c>GetAclInfo</c>.</returns>
/// <remarks>Any exception raised by <c>GetAclInfo</c> propagates to the caller.</remarks>
public static uint GetAclSize(PACL pAcl)
{
    var sizeInfo = GetAclInfo(pAcl);
    return sizeInfo.AclBytesInUse;
}
/// <summary>
/// Declaration for the native <c>AddScopedPolicyIDAce</c> function, which adds a scoped-policy-ID ACE to an ACL.
/// </summary>
/// <param name="pAcl">The ACL to modify.</param>
/// <param name="dwAceRevision">Revision level of the ACL being modified.</param>
/// <param name="AceFlags">Flags controlling ACE inheritance.</param>
/// <param name="AccessMask">Access mask stored in the ACE. NOTE(review): check the permitted values in the Win32 documentation.</param>
/// <param name="pSid">SID stored in the ACE; identifies the policy the ACE refers to.</param>
/// <returns><c>true</c> on success; otherwise <c>false</c>.</returns>
public static extern bool AddScopedPolicyIDAce(
    PACL pAcl,
    uint dwAceRevision,
    uint AceFlags,
    uint AccessMask,
    PSID pSid);
/// <summary>Gets the number of ACEs held by an ACL.</summary>
/// <param name="pACL">The pointer to the ACL structure to query.</param>
/// <returns>
/// The ACE count, or 0 when the ACL fails validation or its size information cannot be read.
/// </returns>
/// <remarks>
/// A result of 0 does not distinguish a valid, empty ACL from an invalid one. Code that makes a security decision
/// on the result should validate the ACL separately.
/// </remarks>
public static uint AceCount(this PACL pACL)
{
    if (IsValidAcl(pACL) && GetAclInformation(pACL, out ACL_SIZE_INFORMATION sizeInfo))
    {
        return sizeInfo.AceCount;
    }

    return 0;
}
/// <summary>Validates an access control list (ACL).</summary>
/// <param name="pAcl">The pointer to the ACL structure to query.</param>
/// <returns><c>true</c> if the ACL is valid; otherwise, <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): the call in the body is unqualified and has the same name and argument type as this method, so as
/// written it appears to resolve to this extension method itself and would recurse without terminating. If the
/// intent is to forward to the native IsValidAcl import, qualify the call with the type that declares it.
/// </remarks>
public static bool IsValidAcl(this PACL pAcl) => IsValidAcl(pAcl);
/// <summary>
/// Declaration for the native <c>GetSecurityDescriptorSacl</c> function, which retrieves the SACL stored in a
/// security descriptor.
/// </summary>
/// <param name="pSecurityDescriptor">The security descriptor to read.</param>
/// <param name="lpbSaclPresent">Receives whether the descriptor contains a SACL.</param>
/// <param name="pSacl">
/// Receives the pointer to the SACL. It is left unchanged when <paramref name="lpbSaclPresent"/> comes back false,
/// so the incoming value must not be read as a result in that case.
/// </param>
/// <param name="lpbSaclDefaulted">Receives whether the SACL came from a default mechanism.</param>
/// <returns>Nonzero on success, zero on failure.</returns>
/// <remarks>
/// Check both the return value and <paramref name="lpbSaclPresent"/> before dereferencing
/// <paramref name="pSacl"/>. The pointer refers to memory owned by the descriptor, so it should not be used after
/// the descriptor is freed.
/// </remarks>
public static extern BOOL GetSecurityDescriptorSacl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    out BOOL lpbSaclPresent,
    ref PACL pSacl, // By ref, because if "present" == false, value is unchanged
    out BOOL lpbSaclDefaulted
    );
/// <summary>Gets the size, in bytes, of an ACL.</summary>
/// <param name="pACL">The pointer to the ACL structure to query.</param>
/// <returns>
/// The number of bytes in use by the ACL, or 0 when the ACL fails validation or its size information cannot be
/// read.
/// </returns>
/// <remarks>
/// Callers that size a buffer or a copy from this value should treat 0 as "could not be determined" and not
/// assume it means an empty ACL.
/// </remarks>
public static uint Length(this PACL pACL)
{
    if (IsValidAcl(pACL) && GetAclInformation(pACL, out ACL_SIZE_INFORMATION sizeInfo))
    {
        return sizeInfo.AclBytesInUse;
    }

    return 0;
}
/// <summary>Obtains a pointer to an access control entry (ACE) in an access control list (ACL).</summary>
/// <param name="pAcl">A pointer to an ACL that contains the ACE to be retrieved.</param>
/// <param name="aceIndex">
/// The zero-based index of the ACE to be retrieved: zero is the first ACE in the ACL, one the second, and so on.
/// </param>
/// <returns>A pointer to the ACE.</returns>
/// <remarks>
/// A failed native call is reported through <c>Win32Error.ThrowLastErrorIfFalse</c> and never returned as a null
/// pointer. The returned pointer refers into the ACL, so it should not be used after the ACL memory is freed or
/// rewritten.
/// </remarks>
public static PACE GetAce(this PACL pAcl, uint aceIndex)
{
    var succeeded = AdvApi32.GetAce(pAcl, aceIndex, out var acePtr);

    // Nothing runs between the native call and this check.
    Win32Error.ThrowLastErrorIfFalse(succeeded);

    return acePtr;
}
/// <summary>Gets the total number of bytes allocated to the ACL.</summary>
/// <param name="pACL">The pointer to the ACL structure to query.</param>
/// <returns>
/// The sum of the free and used bytes in the ACL, or 0 when the ACL fails validation or its size information
/// cannot be read.
/// </returns>
public static uint BytesAllocated(this PACL pACL)
{
    if (IsValidAcl(pACL) && GetAclInformation(pACL, out ACL_SIZE_INFORMATION sizeInfo))
    {
        return sizeInfo.AclBytesFree + sizeInfo.AclBytesInUse;
    }

    return 0;
}
/// <summary>Placeholder override that reports no inheritance source for any ACE.</summary>
/// <param name="objName">Name of the object (unused by this implementation).</param>
/// <param name="serverName">Name of the server (unused by this implementation).</param>
/// <param name="isContainer">Whether the object is a container (unused by this implementation).</param>
/// <param name="si">The security information being queried (unused by this implementation).</param>
/// <param name="pAcl">A pointer to the ACL; only its ACE count is read.</param>
/// <returns>
/// An array with one default-initialized <c>INHERITED_FROM</c> entry per ACE in <paramref name="pAcl"/>.
/// </returns>
/// <remarks>
/// No ancestor lookup is performed, so consumers of the result get no information about where an inherited ACE
/// comes from.
/// </remarks>
public override INHERITED_FROM[] GetInheritSource(string objName, string serverName, bool isContainer, uint si, PACL pAcl)
{
    // Sketch of the intended implementation, not yet enabled:
    //   1. Get the known secured object for objName/serverName and collect its chain of parents by following
    //      "Parent" (or "Folder" for non-containers) until it is null.
    //   2. Convert pAcl to a RawAcl and, for each ACE, walk up the parent chain looking for a matching ACE.
    var aceCount = pAcl.GetAceCount();
    return new INHERITED_FROM[aceCount];
}
/// <summary>
/// Determines the source of inherited access control entries (ACEs) in discretionary access control lists
/// (DACLs) and system access control lists (SACLs).
/// </summary>
/// <param name="objName">Name of the object.</param>
/// <param name="serverName">Name of the server. This implementation does not use it.</param>
/// <param name="isContainer">If set to <c>true</c> object is a container.</param>
/// <param name="si">
/// The object-related security information being queried. See SECURITY_INFORMATION type in Windows
/// documentation.
/// </param>
/// <param name="pAcl">A pointer to the ACL.</param>
/// <returns>
/// An array of <see cref="INHERITED_FROM"/> structures, one per ACE in the ACL referenced by
/// <paramref name="pAcl"/>. Each entry provides inheritance information for the corresponding ACE.
/// </returns>
public virtual INHERITED_FROM[] GetInheritSource(string objName, string serverName, bool isContainer, uint si, PACL pAcl)
{
    // The generic mapping is passed by reference, so it needs a local to live in.
    var genericMapping = GetGenericMapping(0);
    var securityInfo = (SECURITY_INFORMATION)si;
    var sources = GetInheritanceSource(objName, ResourceType, securityInfo, isContainer, pAcl, ref genericMapping);
    return sources.ToArray();
}
/// <summary>
/// Gets the inheritance sources from the base implementation and fills in an ancestor name for entries whose
/// generation gap is -1.
/// </summary>
/// <param name="objName">Backslash-separated name of the object; may start with <c>\\</c>.</param>
/// <param name="serverName">Name of the server; forwarded to the base implementation.</param>
/// <param name="isContainer">Whether the object is a container; forwarded to the base implementation.</param>
/// <param name="si">The security information being queried; forwarded to the base implementation.</param>
/// <param name="pAcl">A pointer to the ACL; forwarded to the base implementation.</param>
/// <returns>
/// The array returned by the base implementation, with <c>AncestorName</c> overwritten on the entries that
/// reported a generation gap of -1.
/// </returns>
/// <remarks>
/// The substituted name is one path segment of <paramref name="objName"/> with the text "HKEY_" removed: the
/// second segment when the name starts with <c>\\</c>, otherwise the first.
/// NOTE(review): a generation gap of -1 presumably marks an ancestor that could not be determined; confirm
/// against the INHERITED_FROM documentation.
/// </remarks>
public override INHERITED_FROM[] GetInheritSource(string objName, string serverName, bool isContainer, uint si, PACL pAcl)
{
    var sources = base.GetInheritSource(objName, serverName, isContainer, si, pAcl);

    for (var i = 0; i < sources.Length; i++)
    {
        if (sources[i].GenerationGap != -1)
        {
            continue;
        }

        // objName is only parsed when an entry actually needs a name.
        var segmentIndex = objName.StartsWith(@"\\") ? 1 : 0;
        var segments = objName.TrimStart('\\').Split('\\');
        if (segments.Length > segmentIndex)
        {
            sources[i].AncestorName = segments[segmentIndex].Replace("HKEY_", "");
        }
    }

    return sources;
}