static uint GetEffectiveRights(SE_OBJECT_TYPE type, String name, String sidString)
{
SecurityIdentifier sid = new SecurityIdentifier(sidString);
IntPtr pOwner = IntPtr.Zero; // pSID
IntPtr pGroup = IntPtr.Zero; // pSID
IntPtr pSacl = IntPtr.Zero;
IntPtr pDacl = IntPtr.Zero;
IntPtr pSD = IntPtr.Zero; // pSECURITY_DESCRIPTOR
uint result = GetNamedSecurityInfo(name, type, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, out pOwner,
out pGroup, out pDacl, out pSacl, out pSD);
if (result != 0)
{
throw new System.ComponentModel.Win32Exception((int)result);
}
byte[] sidBuffer = new byte[sid.BinaryLength];
sid.GetBinaryForm(sidBuffer, 0);
TRUSTEE t = new TRUSTEE();
BuildTrusteeWithSid(ref t, sidBuffer);
uint access = 0;
uint hr = GetEffectiveRightsFromAcl(pDacl, ref t, ref access);
int i = Marshal.Release(t.ptstrName);
return(access);
}
internal unsafe static void UnsafeSetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
fixed(byte *pSidOwner = (sidOwner != null ? sidOwner.GetNativeSID() : null))
{
fixed(byte *pSidGroup = (sidGroup != null ? sidGroup.GetNativeSID() : null))
{
fixed(byte *pDacl = (dacl != null ? dacl.GetNativeACL() : null))
{
fixed(byte *pSacl = (sacl != null ? sacl.GetNativeACL() : null))
{
DWORD rc = Win32.SetNamedSecurityInfo(objectName, objectType, securityInfo,
(IntPtr)pSidOwner, (IntPtr)pSidGroup, (IntPtr)pDacl, (IntPtr)pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
}
}
}
}
public static extern uint SetSecurityInfo(
IntPtr handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
IntPtr psidOwner,
IntPtr psidGroup,
IntPtr pDacl,
IntPtr pSacl);
public static extern DWORD SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
PSID psidOwner,
PSID psidGroup,
PACL pDacl,
PACL pSacl);
private static extern int SetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
IntPtr psidOwner,
IntPtr psidGroup,
IntPtr pDacl,
IntPtr pSacl);
public static extern uint SetSecurityInfo(
IntPtr handle,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInformation,
IntPtr pOwner,
IntPtr pGroup,
IntPtr pDacl,
IntPtr pSacl);
public static extern DWORD SetNamedSecurityInfo(
LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
PSID psidOwner,
PSID psidGroup,
PACL pDacl,
PACL pSacl);
public static extern DWORD GetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
ref PSID ppsidOwner,
ref PSID ppsidGroup,
ref PACL ppDacl,
ref PACL ppSacl,
ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
public static extern int GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
System.Security.AccessControl.SecurityInfos securityInfo,
out IntPtr sidOwner,
out IntPtr sidGroup,
out IntPtr dacl,
out IntPtr sacl,
out IntPtr securityDescriptor);
static extern uint GetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
out IntPtr pSidOwner,
out IntPtr pSidGroup,
out IntPtr pDacl,
out IntPtr pSacl,
out IntPtr pSecurityDescriptor);
public static extern uint GetSecurityInfo(
IntPtr handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
out IntPtr pSidOwner,
out IntPtr pSidGroup,
out IntPtr pDacl,
out IntPtr pSacl,
out IntPtr pSecurityDescriptor);
public static extern Win32Error GetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
out IntPtr ppsidOwner,
out IntPtr ppsidGroup,
out IntPtr ppDacl,
out IntPtr ppSacl,
out SafeSecurityDescriptor ppSecurityDescriptor);
internal static extern int GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SecurityInfos securityInfo,
out IntPtr sidOwner,
out IntPtr sidGroup,
out IntPtr dacl,
out IntPtr sacl,
out IntPtr securityDescriptor);
static extern int GetNamedSecurityInfo(
String objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out IntPtr sidOwner,
out IntPtr sidGroup,
out IntPtr dacl,
out IntPtr sacl,
out IntPtr securityDescriptor);
public static extern DWORD GetNamedSecurityInfo(
LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
ref PSID ppsidOwner,
ref PSID ppsidGroup,
ref PACL ppDacl,
ref PACL ppSacl,
ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
public static extern int GetSecurityInfo(
IntPtr handle,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out IntPtr sidOwner,
out IntPtr sidGroup,
out IntPtr dacl,
out IntPtr sacl,
out IntPtr securityDescriptor);
public static void SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetSecurityInfo(handle, ObjectType, SecurityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public static void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetNamedSecurityInfo(objectName, objectType, securityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo)
{
Sid ownerSid = (((securityInfo & SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION) == 0) ? null : this.Owner);
Sid groupSid = (((securityInfo & SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION) == 0) ? null : this.Group);
Dacl dacl = (((securityInfo & SECURITY_INFORMATION.DACL_SECURITY_INFORMATION) == 0) ? null : this.Dacl);
Sacl sacl = (((securityInfo & SECURITY_INFORMATION.SACL_SECURITY_INFORMATION) == 0) ? null : this.Sacl);
Win32Helpers.SetNamedSecurityInfo(objectName, objectType, securityInfo,
ownerSid, groupSid, dacl, sacl);
}
public static SecurityDescriptor GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo)
{
Sid sidOwner;
Sid sidGroup;
Dacl dacl;
Sacl sacl;
SecurityDescriptor secDesc;
Win32Helpers.GetNamedSecurityInfo(objectName, objectType, securityInfo,
out sidOwner, out sidGroup, out dacl, out sacl, out secDesc);
return(secDesc);
}
public static SECURITY_INFOS GetSecurityInfos(string ObjectName, SE_OBJECT_TYPE ObjectType)
{
var pSidOwner = IntPtr.Zero;
var pSidGroup = IntPtr.Zero;
var pDacl = IntPtr.Zero;
var pSacl = IntPtr.Zero;
var pSecurityDescriptor = IntPtr.Zero;
var info = SecurityInfos.DiscretionaryAcl | SecurityInfos.Owner;
var infos = new SECURITY_INFOS();
// get the security infos
var errorReturn = GetNamedSecurityInfo(ObjectName, ObjectType, info, out pSidOwner, out pSidGroup, out pDacl, out pSacl, out pSecurityDescriptor);
if (errorReturn != 0)
{
return(infos);
}
if (ConvertSecurityDescriptorToStringSecurityDescriptor(pSecurityDescriptor, 1, SecurityInfos.DiscretionaryAcl | SecurityInfos.Owner, out var pSddlString, out _))
{
infos.SDDL = Marshal.PtrToStringUni(pSddlString) ?? string.Empty;
}
var ownerSid = new SecurityIdentifier(pSidOwner);
infos.Owner = ownerSid.Value;
if (pSddlString != IntPtr.Zero)
{
Marshal.FreeHGlobal(pSddlString);
}
if (pSecurityDescriptor != IntPtr.Zero)
{
Marshal.FreeHGlobal(pSecurityDescriptor);
}
return(infos);
}
public static SECURITY_INFOS GetSecurityInfos(string ObjectName, SE_OBJECT_TYPE ObjectType)
{
var pSidOwner = IntPtr.Zero;
var pSidGroup = IntPtr.Zero;
var pDacl = IntPtr.Zero;
var pSacl = IntPtr.Zero;
var pSecurityDescriptor = IntPtr.Zero;
var info = SecurityInfos.DiscretionaryAcl | SecurityInfos.Owner;
var infos = new SECURITY_INFOS();
// get the security infos
var errorReturn = GetNamedSecurityInfo(ObjectName, ObjectType, info, out pSidOwner, out pSidGroup, out pDacl, out pSacl, out pSecurityDescriptor);
if (errorReturn != 0)
{
return(infos);
}
else
{
var len = 0;
//IntPtr pBuffer = IntPtr.Zero;
var sddlString = "";
if (ConvertSecurityDescriptorToStringSecurityDescriptor(pSecurityDescriptor, 1, SecurityInfos.DiscretionaryAcl | SecurityInfos.Owner, out sddlString, out len))
{
infos.SecurityDescriptor = new RawSecurityDescriptor(sddlString);
infos.SDDL = sddlString;
}
var ownerSid = new SecurityIdentifier(pSidOwner);
infos.Owner = ownerSid.Value;
}
return(infos);
}
public static extern int SetSecurityInfo(SafeHandle hFileMappingObject,
SE_OBJECT_TYPE objectType,
Int32 securityInfo,
IntPtr psidOwner,
IntPtr psidGroup,
IntPtr pDacl,
IntPtr pSacl);
static uint GetEffectiveRights(SE_OBJECT_TYPE type, String name, String sidString)
{
SecurityIdentifier sid = new SecurityIdentifier(sidString);
IntPtr pOwner = IntPtr.Zero; // pSID
IntPtr pGroup = IntPtr.Zero; // pSID
IntPtr pSacl = IntPtr.Zero;
IntPtr pDacl = IntPtr.Zero;
IntPtr pSD = IntPtr.Zero; // pSECURITY_DESCRIPTOR
uint result = GetNamedSecurityInfo(name, type, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, out pOwner,
out pGroup, out pDacl, out pSacl, out pSD);
if (result != 0) {
throw new System.ComponentModel.Win32Exception((int)result);
}
byte[] sidBuffer = new byte[sid.BinaryLength];
sid.GetBinaryForm(sidBuffer, 0);
TRUSTEE t = new TRUSTEE();
BuildTrusteeWithSid(ref t, sidBuffer);
uint access = 0;
uint hr = GetEffectiveRightsFromAcl(pDacl, ref t, ref access);
int i = Marshal.Release(t.ptstrName);
return access;
}
internal static extern uint SetSecurityInfo(SafeFileHandle handle, SE_OBJECT_TYPE objectType, SECURITY_INFORMATION securityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl);
static internal extern uint GetSecurityInfo(SafeHandle handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, out IntPtr pSidOwner, out IntPtr pSidGroup, out IntPtr pDacl, out IntPtr pSacl, out SafeLocalMemoryBufferHandle pSecurityDescriptor);
public static uint SetSecurityInfo(IntPtr handle, SE_OBJECT_TYPE ObjectType, Int32 SecurityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl)
{
NotImplemented(MethodBase.GetCurrentMethod());
return(0);
}
static extern int SetNamedSecurityInfo([MarshalAs(UnmanagedType.LPTStr)] string pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo,
IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl);
public static extern uint SetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
IntPtr psidOwner,
IntPtr psidGroup,
IntPtr pDacl,
IntPtr pSacl
);
private static extern long GetSecurityInfo(IntPtr handle,
SE_OBJECT_TYPE objectType, SECURITY_INFORMATION securityInfo,
out IntPtr ppsidOwner, out IntPtr ppsidGroup, out IntPtr ppDacl,
out IntPtr ppSacl, out IntPtr ppSecurityDescriptor);
public static unsafe extern uint GetSecurityInfo(
IntPtr handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
ref void* ppsidOwner,
ref void* ppsidGroup,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] Kernel32.ACL* ppDacl,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] Kernel32.ACL* ppSacl,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] SECURITY_DESCRIPTOR* ppSecurityDescriptor);
static extern int GetNamedSecurityInfo(
String objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out IntPtr sidOwner,
out IntPtr sidGroup,
out IntPtr dacl,
out IntPtr sacl,
out IntPtr securityDescriptor);
public static unsafe extern Win32ErrorCode GetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
ref void* ppsidOwner,
ref void* ppsidGroup,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] Kernel32.ACL* ppDacl,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] Kernel32.ACL* ppSacl,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] SECURITY_DESCRIPTOR* ppSecurityDescriptor);
internal unsafe static void UnsafeSetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
byte[] pSidOwner = (sidOwner != null) ? sidOwner.GetNativeSID() : null;
byte[] pSidGroup = (sidGroup != null) ? sidGroup.GetNativeSID() : null;
byte[] pDacl = (dacl != null) ? dacl.GetNativeACL() : null;
byte[] pSacl = (sacl != null) ? sacl.GetNativeACL() : null;
DWORD rc = Win32.SetNamedSecurityInfo(objectName, objectType, securityInfo,
pSidOwner, pSidGroup, pDacl, pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
public static UInt32 SetNamedSecurityInfoW(String pObjectName, SE_OBJECT_TYPE objectType, Int32 securityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl)
{
NotImplemented(MethodBase.GetCurrentMethod());
return(0);
}
public static extern DWORD GetSecurityInfo( HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, ref PSID ppsidOwner, ref PSID ppsidGroup, ref PACL ppDacl, ref PACL ppSacl, ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
public static extern DWORD GetNamedSecurityInfo( LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, ref PSID ppsidOwner, ref PSID ppsidGroup, ref PACL ppDacl, ref PACL ppSacl, ref PSECURITY_DESCRIPTOR ppSecurityDescriptor);
public static extern DWORD SetSecurityInfo( HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl);
public static extern uint SetSecurityInfo(SafeHandle handle, SE_OBJECT_TYPE objectType, SECURITY_INFORMATION securityInformation,
byte[] owner, byte[] group, byte[] dacl, byte[] sacl);
public static extern uint GetSecurityInfo(
IntPtr handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
out IntPtr pSidOwner,
out IntPtr pSidGroup,
out _ACL pDacl,
out _ACL pSacl,
out _SECURITY_DESCRIPTOR pSecurityDescriptor
);
internal static unsafe void UnsafeSetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
fixed(byte *pSidOwner = (sidOwner != null ? sidOwner.GetNativeSID() : null))
{
fixed(byte *pSidGroup = (sidGroup != null ? sidGroup.GetNativeSID() : null))
{
fixed(byte *pDacl = (dacl != null ? dacl.GetNativeACL() : null))
{
fixed(byte *pSacl = (sacl != null ? sacl.GetNativeACL() : null))
{
DWORD rc = Win32.SetSecurityInfo(handle, ObjectType, SecurityInfo,
(IntPtr)pSidOwner, (IntPtr)pSidGroup, (IntPtr)pDacl, (IntPtr)pSacl);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
}
}
}
}
}
public static void SetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetNamedSecurityInfo (objectName, objectType, securityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public static void SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
Sid sidOwner,
Sid sidGroup,
Dacl dacl,
Sacl sacl)
{
UnsafeSetSecurityInfo (handle, ObjectType, SecurityInfo,
sidOwner, sidGroup, dacl, sacl);
}
public void SetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo)
{
Sid ownerSid = (((securityInfo & SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION) == 0) ? null : this.Owner);
Sid groupSid = (((securityInfo & SECURITY_INFORMATION.GROUP_SECURITY_INFORMATION) == 0) ? null : this.Group);
Dacl dacl = (((securityInfo & SECURITY_INFORMATION.DACL_SECURITY_INFORMATION) == 0) ? null : this.Dacl);
Sacl sacl = (((securityInfo & SECURITY_INFORMATION.SACL_SECURITY_INFORMATION) == 0) ? null : this.Sacl);
Win32Helpers.SetSecurityInfo(handle, objectType, securityInfo,
ownerSid, groupSid, dacl, sacl);
}
internal static extern int GetSecurityInfo(IntPtr handle, SE_OBJECT_TYPE objectType, uint securityInformation, ref IntPtr ppSidOwner, ref IntPtr ppSidGroup, ref IntPtr ppDacl, ref IntPtr ppSacl, out IntPtr ppSecurityDescriptor);
private static extern long GetSecurityInfo(IntPtr handle, SE_OBJECT_TYPE objectType, SECURITY_INFORMATION securityInfo, out IntPtr ppsidOwner, out IntPtr ppsidGroup, out IntPtr ppDacl, out IntPtr ppSacl, out IntPtr ppSecurityDescriptor);
internal static extern int GetSecurityInfo(IntPtr handle, SE_OBJECT_TYPE objectType, uint securityInformation, ref IntPtr ppSidOwner, ref IntPtr ppSidGroup, ref IntPtr ppDacl, ref IntPtr ppSacl, out IntPtr ppSecurityDescriptor);
internal static extern int SetNamedSecurityInfo(string objectName, SE_OBJECT_TYPE objectType, System.Security.AccessControl.SecurityInfos securityInfo, IntPtr sidOwner, IntPtr sidGroup, IntPtr dacl, IntPtr sacl);
public static SecurityDescriptor GetNamedSecurityInfo(
string objectName,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo)
{
Sid sidOwner;
Sid sidGroup;
Dacl dacl;
Sacl sacl;
SecurityDescriptor secDesc;
Win32Helpers.GetNamedSecurityInfo(objectName, objectType, securityInfo,
out sidOwner, out sidGroup, out dacl, out sacl, out secDesc);
return secDesc;
}
public static extern DWORD SetNamedSecurityInfo(
LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
[In,MarshalAs(UnmanagedType.LPArray)] byte[] psidOwner,
[In,MarshalAs(UnmanagedType.LPArray)] byte[] psidGroup,
[In,MarshalAs(UnmanagedType.LPArray)] byte[] pDacl,
[In,MarshalAs(UnmanagedType.LPArray)] byte[] pSacl);
public static extern DWORD SetNamedSecurityInfo( LPCTSTR pObjectName, //REVIEW: Why is it documented as LPTSTR SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl);
/// <summary>
/// Changes object ownership
/// </summary>
/// <param name="ObjectName"></param>
/// <param name="ObjectType"></param>
/// <returns></returns>
public bool ChangeObjectOwnership(string ObjectName, SE_OBJECT_TYPE ObjectType)
{
bool success = false;
IntPtr pSidAdmin = IntPtr.Zero;
IntPtr pAcl = IntPtr.Zero;
string name = ObjectName;
SID_IDENTIFIER_AUTHORITY sidNTAuthority = new SID_IDENTIFIER_AUTHORITY() { Value = new byte[] { 0, 0, 0, 0, 0, 5 } };
success = AllocateAndInitializeSid(ref sidNTAuthority, (byte)2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, ref pSidAdmin);
if (ObjectName.StartsWith("HKEY_CLASSES_ROOT"))
{
name = ObjectName.Replace("HKEY_CLASSES_ROOT", "CLASSES_ROOT");
}
else if (ObjectName.StartsWith("HKEY_CURRENT_USER"))
{
name = ObjectName.Replace("HKEY_CURRENT_USER", "CURRENT_USER");
}
else if (ObjectName.StartsWith("HKEY_LOCAL_MACHINE"))
{
name = ObjectName.Replace("HKEY_LOCAL_MACHINE", "MACHINE");
}
else if (ObjectName.StartsWith("HKEY_USERS"))
{
name = ObjectName.Replace("HKEY_USERS", "USERS");
}
if (success)
{
EXPLICIT_ACCESS[] explicitAccesss = new EXPLICIT_ACCESS[1];
explicitAccesss[0].grfAccessPermissions = ACCESS_MASK.GENERIC_ALL;
explicitAccesss[0].grfAccessMode = ACCESS_MODE.SET_ACCESS;
explicitAccesss[0].grfInheritance = NO_INHERITANCE;
explicitAccesss[0].Trustee.TrusteeForm = TRUSTEE_FORM.TRUSTEE_IS_SID;
explicitAccesss[0].Trustee.TrusteeType = TRUSTEE_TYPE.TRUSTEE_IS_GROUP;
explicitAccesss[0].Trustee.ptstrName = pSidAdmin;
//modify dacl
SetEntriesInAcl(1, ref explicitAccesss[0], IntPtr.Zero, out pAcl);
success = SetPrivilege(SE_TAKE_OWNERSHIP_NAME, true);
if (success)
{
// set admin as owner
int p = SetNamedSecurityInfo(name, ObjectType, SECURITY_INFORMATION.OWNER_SECURITY_INFORMATION, pSidAdmin, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
success = SetPrivilege(SE_TAKE_OWNERSHIP_NAME, false);
if (success)
{
SetNamedSecurityInfo(name, ObjectType, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, IntPtr.Zero, IntPtr.Zero, pAcl, IntPtr.Zero);
}
}
}
if (pSidAdmin != IntPtr.Zero)
{
FreeSid(pSidAdmin);
}
if (pAcl != IntPtr.Zero)
{
LocalFree(pAcl);
}
return success;
}
public static unsafe extern uint SetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
void* psidOwner,
void* psidGroup,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] Kernel32.ACL* pDacl,
[Friendly(FriendlyFlags.Out | FriendlyFlags.Optional)] Kernel32.ACL* pSacl);
public static extern uint GetNamedSecurityInfo(
string pObjectName,
SE_OBJECT_TYPE ObjectType,
SECURITY_INFORMATION SecurityInfo,
out IntPtr pSidOwner,
out IntPtr pSidGroup,
out IntPtr pDacl,
out IntPtr pSacl,
out IntPtr pSecurityDescriptor);
public static void GetSecurityInfo(
HANDLE handle,
SE_OBJECT_TYPE objectType,
SECURITY_INFORMATION securityInfo,
out Sid sidOwner,
out Sid sidGroup,
out Dacl dacl,
out Sacl sacl,
out SecurityDescriptor secDesc)
{
sidOwner = null;
sidGroup = null;
dacl = null;
sacl = null;
secDesc = null;
IntPtr ptrOwnerSid = IntPtr.Zero;
IntPtr ptrGroupSid = IntPtr.Zero;
IntPtr ptrDacl = IntPtr.Zero;
IntPtr ptrSacl = IntPtr.Zero;
IntPtr ptrSecDesc = IntPtr.Zero;
DWORD rc = Win32.GetSecurityInfo(handle, objectType, securityInfo,
ref ptrOwnerSid, ref ptrGroupSid, ref ptrDacl, ref ptrSacl, ref ptrSecDesc);
if (rc != Win32.ERROR_SUCCESS)
{
Win32.SetLastError(rc);
Win32.ThrowLastError();
}
try
{
if (ptrOwnerSid != IntPtr.Zero)
sidOwner = new Sid(ptrOwnerSid);
if (ptrGroupSid != IntPtr.Zero)
sidGroup = new Sid(ptrGroupSid);
if (ptrDacl != IntPtr.Zero)
dacl = new Dacl(ptrDacl);
if (ptrSacl != IntPtr.Zero)
sacl = new Sacl(ptrSacl);
if (ptrSecDesc != IntPtr.Zero)
secDesc = new SecurityDescriptor(ptrSecDesc, true);
}
catch
{
if (ptrSecDesc != IntPtr.Zero)
Win32.LocalFree(ptrSecDesc);
throw;
}
}
