/// <summary> /// Process record. /// </summary> protected override void ProcessRecord() { if (Empty) { WriteObject(AccessMask.IsEmpty); } else if (ParameterSetName == "WriteRestricted") { GenericMapping std_map = NtSecurity.StandardAccessMapping; WriteObject((std_map.GenericWrite & ~(std_map.GenericRead | std_map.GenericExecute) | WriteRestricted.GenericWrite & ~(WriteRestricted.GenericRead | WriteRestricted.GenericExecute)).IsEmpty); } else if (All) { WriteObject(AccessMask.IsAllAccessGranted(GetAccessMask())); } else { WriteObject(AccessMask.IsAccessGranted(GetAccessMask())); } }
/// <summary> /// Checks whether the security descriptor grants a set of access rights to a client. /// </summary> /// <param name="tokenHandle">A handle to a token which represents the client.</param> /// <param name="desiredAccess">The access rights requested by the client.</param> /// <param name="genericMapping">A structure which defines how generic access rights are to be mapped.</param> /// <param name="grantedAccess">A variable which receives the granted access rights.</param> /// <returns>Success if access was granted, otherwise another NT status value.</returns> public NtStatus CheckAccess(TokenHandle tokenHandle, int desiredAccess, GenericMapping genericMapping, out int grantedAccess) { NtStatus status; NtStatus accessStatus; int privilegeSetLength = 0; if ((status = Win32.NtAccessCheck( this, tokenHandle, desiredAccess, ref genericMapping, IntPtr.Zero, ref privilegeSetLength, out grantedAccess, out accessStatus )) >= NtStatus.Error) { Win32.Throw(status); } return(accessStatus); }
static AccessMask GetGrantedAccess(SecurityDescriptor sd, NtToken token, AccessMask specific_rights, GenericMapping generic_mapping) { AccessMask granted_access; specific_rights = generic_mapping.MapMask(specific_rights); if (specific_rights.HasAccess) { granted_access = NtSecurity.GetAllowedAccess(sd, token, specific_rights, generic_mapping); // As we can get all the rights for the key get maximum if (granted_access.HasAccess) { granted_access = NtSecurity.GetMaximumAccess(sd, token, generic_mapping); } } else { granted_access = NtSecurity.GetMaximumAccess(sd, token, generic_mapping); } return(granted_access); }
internal AccessCheckResult(string name, string type_name, AccessMask granted_access, GenericMapping generic_mapping, SecurityDescriptor sd, Type enum_type, bool is_directory, TokenInformation token_info) { Name = name; TypeName = type_name; GrantedAccess = granted_access; GenericMapping = generic_mapping; TokenInfo = token_info; SecurityDescriptor = sd?.ToSddl() ?? string.Empty; Owner = sd?.Owner?.Sid.ToString() ?? string.Empty; IsRead = generic_mapping.HasRead(granted_access); IsWrite = generic_mapping.HasWrite(granted_access) || granted_access.IsAccessGranted(GenericAccessRights.WriteDac) || granted_access.IsAccessGranted(GenericAccessRights.WriteOwner) || granted_access.IsAccessGranted(GenericAccessRights.Delete); IsExecute = generic_mapping.HasExecute(granted_access); IsAll = generic_mapping.HasAll(granted_access); GrantedAccessString = NtObjectUtils.GrantedAccessAsString(granted_access, generic_mapping, enum_type, false); GrantedGenericAccessString = NtObjectUtils.GrantedAccessAsString(granted_access, generic_mapping, enum_type, true); TokenId = token_info.TokenId.ToInt64(); IsDirectory = is_directory; }
private protected override void RunAccessCheck(IEnumerable <TokenEntry> tokens) { GenericMapping generic_mapping = NtWnf.GenericMapping; AccessMask access_rights = generic_mapping.MapMask(Access); var entries = NtWnf.GetRegisteredNotifications(); foreach (var entry in entries) { var sd = entry.SecurityDescriptor; if (sd == null) { WriteWarning($"Couldn't query security for WNF Provider {entry.StateName:X016}."); continue; } if (sd.Owner == null) { sd.Owner = new SecurityDescriptorSid(new Sid("SY"), false); } if (sd.Group == null) { sd.Group = new SecurityDescriptorSid(new Sid("SY"), false); } foreach (TokenEntry token in tokens) { AccessMask granted_access = NtSecurity.GetMaximumAccess(sd, token.Token, generic_mapping); if (IsAccessGranted(granted_access, access_rights)) { WriteObject(new WnfAccessCheckResult(entry, granted_access, sd, token.Information)); } } } }
private static bool GetGrantedAccess(string sddl, string principal, NtToken token, bool launch, out COMAccessRights maximum_rights) { GenericMapping mapping = new GenericMapping { GenericExecute = (uint)(COMAccessRights.Execute | COMAccessRights.ExecuteLocal | COMAccessRights.ExecuteRemote | COMAccessRights.ExecuteContainer) }; if (launch) { mapping.GenericExecute |= (uint)(COMAccessRights.ActivateLocal | COMAccessRights.ActivateRemote | COMAccessRights.ActivateContainer); } // If SD is only a NULL DACL we get maximum rights. if (sddl == "D:NO_ACCESS_CONTROL") { maximum_rights = mapping.GenericExecute.ToSpecificAccess <COMAccessRights>(); return(true); } AccessMask mask; if (!string.IsNullOrWhiteSpace(principal)) { mask = NtSecurity.GetMaximumAccess(new SecurityDescriptor(sddl), token, new Sid(principal), mapping); } else { mask = NtSecurity.GetMaximumAccess(new SecurityDescriptor(sddl), token, mapping); } mask &= 0xFFFF; maximum_rights = mask.ToSpecificAccess <COMAccessRights>(); return(mask != 0); }
/// <summary> /// Checks whether the security descriptor grants a set of access rights to a client. /// </summary> /// <param name="tokenHandle">A handle to a token which represents the client.</param> /// <param name="desiredAccess">The access rights requested by the client.</param> /// <param name="genericMapping">A structure which defines how generic access rights are to be mapped.</param> /// <param name="grantedAccess">A variable which receives the granted access rights.</param> /// <returns>Success if access was granted, otherwise another NT status value.</returns> public NtStatus CheckAccess(TokenHandle tokenHandle, int desiredAccess, GenericMapping genericMapping, out int grantedAccess) { NtStatus accessStatus; int privilegeSetLength = 0; Win32.NtAccessCheck( this, tokenHandle, desiredAccess, ref genericMapping, IntPtr.Zero, ref privilegeSetLength, out grantedAccess, out accessStatus ).ThrowIf(); return accessStatus; }
/// <summary> /// Set the security descriptor for the control. /// </summary> /// <param name="security_descriptor">Security descriptor to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> /// <param name="is_container">True to indicate this object is a container.</param> public void SetSecurityDescriptor(SecurityDescriptor security_descriptor, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container) { AddAclTab(tabPageDACL, aclViewerControlDacl, security_descriptor.Dacl, access_type, mapping, valid_access, is_container); AddAclTab(tabPageSACL, aclViewerControlSacl, security_descriptor.Sacl, access_type, mapping, valid_access, is_container); SetSidLabel(lblOwnerValue, security_descriptor.Owner); SetSidLabel(lblGroupValue, security_descriptor.Group); Ace label = security_descriptor.GetMandatoryLabel(); if (label != null) { lblIntegrityValue.Text = $"{NtSecurity.GetIntegrityLevel(label.Sid)} ({label.Mask.ToMandatoryLabelPolicy()})"; } else { lblIntegrityValue.Text = "N/A"; } }
static uint GetGrantedAccess(SecurityDescriptor sd, NtToken token, uint specific_rights, GenericMapping generic_mapping) { uint granted_access = 0; specific_rights = generic_mapping.MapMask(specific_rights); if (specific_rights != 0) { granted_access = NtSecurity.GetAllowedAccess(sd, token, (GenericAccessRights)(specific_rights), generic_mapping); } else { granted_access = NtSecurity.GetMaximumAccess(sd, token, generic_mapping); } if (granted_access != 0) { // As we can get all the rights for the key get maximum if (specific_rights != 0) { granted_access = NtSecurity.GetMaximumAccess(sd, token, generic_mapping); } } return(granted_access); }
public NtStatus CheckAccess(TokenHandle tokenHandle, int desiredAccess, GenericMapping genericMapping, out int grantedAccess) { NtStatus status; NtStatus accessStatus; int privilegeSetLength = 0; if ((status = Win32.NtAccessCheck( this, tokenHandle, desiredAccess, ref genericMapping, IntPtr.Zero, ref privilegeSetLength, out grantedAccess, out accessStatus )) >= NtStatus.Error) Win32.ThrowLastError(status); return accessStatus; }
private protected override void WriteAccessCheckResult(string name, string type_name, AccessMask granted_access, GenericMapping generic_mapping, SecurityDescriptor sd, Type enum_type, bool is_directory, TokenInformation token_info) { _cmdlet.WriteAccessCheckResult(name, type_name, granted_access, generic_mapping, sd, enum_type, is_directory, token_info); }
static extern void MapGenericMask(ref int mask, ref GenericMapping mapping);
/// <summary> /// Set ACL for control. /// </summary> /// <param name="acl">The ACL to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> /// <param name="is_container">True to indicate this object is a container.</param> public void SetAcl(Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container) { _acl = acl; _access_type = access_type; _mapping = mapping; _valid_access = valid_access; _is_container = is_container; if (!acl.HasConditionalAce) { listViewAcl.Columns.Remove(columnHeaderCondition); copyConditionToolStripMenuItem.Visible = false; } foreach (var ace in acl) { var item = listViewAcl.Items.Add(ace.Type.ToString()); item.SubItems.Add(ace.Sid.Name); string access; if (ace.Type == AceType.MandatoryLabel) { access = ace.Mask.ToMandatoryLabelPolicy().ToString(); } else { AccessMask mapped_mask = mapping.MapMask(ace.Mask); mapped_mask = mapping.UnmapMask(mapped_mask); access = mapped_mask.ToSpecificAccess(access_type).ToString(); } item.SubItems.Add(access); item.SubItems.Add(ace.Flags.ToString()); if (ace.IsConditionalAce) { item.SubItems.Add(ace.Condition); } item.Tag = ace; switch (ace.Type) { case AceType.Allowed: case AceType.AllowedCallback: case AceType.AllowedCallbackObject: case AceType.AllowedObject: item.BackColor = Color.LightGreen; break; case AceType.Denied: case AceType.DeniedCallback: case AceType.DeniedCallbackObject: case AceType.DeniedObject: item.BackColor = Color.LightSalmon; break; case AceType.ProcessTrustLabel: item.BackColor = Color.LightSkyBlue; break; case AceType.MandatoryLabel: item.BackColor = Color.LightGoldenrodYellow; break; case AceType.Audit: case AceType.AuditCallback: case AceType.AuditCallbackObject: case AceType.AuditObject: item.BackColor = Color.LightCoral; break; } } listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent); listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize); }
/// <summary> /// Set ACL for control. /// </summary> /// <param name="acl">The ACL to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> /// <param name="is_container">True to indicate this object is a container.</param> public void SetAcl(Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container) { SetAcl(acl, access_type, mapping, valid_access, is_container, false); }
/// <summary> /// Set ACL for control. /// </summary> /// <param name="acl">The ACL to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> /// <param name="is_container">True to indicate this object is a container.</param> /// <param name="sdk_names">Show the ACEs using SDK style names.</param> public void SetAcl(Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container, bool sdk_names) { _acl = acl; _access_type = access_type; _mapping = mapping; _valid_access = valid_access; _is_container = is_container; _sdk_names = sdk_names; showSDKNamesToolStripMenuItem.Checked = sdk_names; bool has_conditional_ace = false; bool has_inherited_object_ace = false; bool has_object_ace = false; List <string> flags = new List <string>(); if (acl.Defaulted) { flags.Add("Defaulted"); } if (acl.Protected) { flags.Add("Protected"); } if (acl.AutoInherited) { flags.Add("AutoInherited"); } if (acl.AutoInheritReq) { flags.Add("AutoInheritReq"); } if (flags.Count > 0) { lblFlags.Text = $"Flags: {string.Join(", ", flags)}"; } else { lblFlags.Text = "Flags: None"; } if (acl.NullAcl) { lblFlags.Text += Environment.NewLine + "NULL ACL"; listViewAcl.Visible = false; listViewAccess.Visible = false; groupBoxAclEntries.Visible = false; groupBoxAccess.Visible = false; return; } listViewAcl.Items.Clear(); listViewAcl.Visible = true; listViewAccess.Visible = true; listViewAccess.Items.Clear(); _current_access_type = null; groupBoxAclEntries.Visible = true; groupBoxAccess.Visible = true; foreach (var ace in acl) { if (ace.IsConditionalAce) { has_conditional_ace = true; } if (ace.IsObjectAce) { if (ace.ObjectType.HasValue) { has_object_ace = true; } if (ace.InheritedObjectType.HasValue) { has_inherited_object_ace = true; } } } if (!has_conditional_ace) { listViewAcl.Columns.Remove(columnHeaderCondition); copyConditionToolStripMenuItem.Visible = false; } if (!has_object_ace) { listViewAcl.Columns.Remove(columnHeaderObject); } if (!has_inherited_object_ace) { listViewAcl.Columns.Remove(columnHeaderInheritedObject); } foreach (var ace in acl) { var item = listViewAcl.Items.Add(sdk_names ? NtSecurity.AceTypeToSDKName(ace.Type) : ace.Type.ToString()); item.SubItems.Add(ace.Sid.Name); string access; if (ace.Type == AceType.MandatoryLabel) { access = NtSecurity.AccessMaskToString(ace.Mask.ToMandatoryLabelPolicy(), sdk_names); } else if (ace.Flags.HasFlag(AceFlags.InheritOnly)) { access = NtSecurity.AccessMaskToString(ace.Mask.ToSpecificAccess(access_type), sdk_names); } else { AccessMask mapped_mask = mapping.MapMask(ace.Mask); mapped_mask = mapping.UnmapMask(mapped_mask); access = NtSecurity.AccessMaskToString(mapped_mask.ToSpecificAccess(access_type), sdk_names); } item.SubItems.Add(access); item.SubItems.Add(sdk_names ? NtSecurity.AceFlagsToSDKName(ace.Flags) : ace.Flags.ToString()); if (has_conditional_ace) { item.SubItems.Add(ace.Condition); } if (has_object_ace) { item.SubItems.Add(ace.ObjectType?.ToString() ?? string.Empty); } if (has_inherited_object_ace) { item.SubItems.Add(ace.InheritedObjectType?.ToString() ?? string.Empty); } item.Tag = ace; switch (ace.Type) { case AceType.Allowed: case AceType.AllowedCallback: case AceType.AllowedCallbackObject: case AceType.AllowedObject: item.BackColor = Color.LightGreen; break; case AceType.Denied: case AceType.DeniedCallback: case AceType.DeniedCallbackObject: case AceType.DeniedObject: item.BackColor = Color.LightSalmon; break; case AceType.ProcessTrustLabel: item.BackColor = Color.LightSkyBlue; break; case AceType.MandatoryLabel: item.BackColor = Color.LightGoldenrodYellow; break; case AceType.Audit: case AceType.AuditCallback: case AceType.AuditCallbackObject: case AceType.AuditObject: item.BackColor = Color.LightCoral; break; } } listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent); listViewAcl.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize); }
private void AddAclTab(TabPage tab_page, AclViewerControl control, Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access) { if (acl == null) { tabControl.TabPages.Remove(tab_page); } else { if (acl.NullAcl) { tab_page.Controls.Remove(control); tab_page.Controls.Add(new Label() { Text = "NULL ACL", Dock = DockStyle.Fill }); } else { control.SetAcl(acl, access_type, mapping, valid_access); } } }
private protected override void RunAccessCheck(IEnumerable <TokenEntry> tokens) { if (CheckScmAccess) { SecurityDescriptor sd = ServiceUtils.GetScmSecurityDescriptor(); GenericMapping scm_mapping = ServiceUtils.GetScmGenericMapping(); foreach (TokenEntry token in tokens) { AccessMask granted_access = NtSecurity.GetMaximumAccess(sd, token.Token, scm_mapping); WriteAccessCheckResult("SCM", "SCM", granted_access, scm_mapping, sd, typeof(ServiceControlManagerAccessRights), false, token.Information); } } else { IEnumerable <Win32Service> services = GetServices(); InternalGetAccessibleFileCmdlet file_cmdlet = null; HashSet <string> checked_files = new HashSet <string>(StringComparer.OrdinalIgnoreCase); if (CheckFiles) { file_cmdlet = new InternalGetAccessibleFileCmdlet(this) { FormatWin32Path = true }; } GenericMapping service_mapping = ServiceUtils.GetServiceGenericMapping(); AccessMask access_rights = service_mapping.MapMask(Access); foreach (var service in services.Where(s => s?.SecurityDescriptor != null)) { foreach (TokenEntry token in tokens) { AccessMask granted_access = NtSecurity.GetMaximumAccess(service.SecurityDescriptor, token.Token, service_mapping); ServiceAccessRights trigger_access = GetTriggerAccess(service, token.Token); if (IsAccessGranted(granted_access, access_rights)) { WriteObject(new ServiceAccessCheckResult(service.Name, granted_access | trigger_access, service.SecurityDescriptor, token.Information, trigger_access, granted_access.ToSpecificAccess <ServiceAccessRights>(), service)); } } if (CheckFiles) { if (!string.IsNullOrWhiteSpace(service.ImagePath) && File.Exists(service.ImagePath) && checked_files.Add(service.ImagePath)) { file_cmdlet.RunAccessCheckPathInternal(tokens, service.ImagePath); } if (!string.IsNullOrWhiteSpace(service.ServiceDll) && File.Exists(service.ServiceDll) && checked_files.Add(service.ServiceDll)) { file_cmdlet.RunAccessCheckPathInternal(tokens, service.ServiceDll); } } } } }
private bool CheckForAccess <T>(SecurityDescriptor sd, NtToken token, T desired_access, GenericMapping generic_mapping) where T : Enum { var result = NtSecurity.AccessCheck(sd, token, desired_access, null, generic_mapping, false); if (!result.IsSuccess || !result.Result.Status.IsSuccess()) { return(false); } return(result.Result.GrantedAccess.HasAccess); }
private void AddAclTab(TabPage tab_page, AclViewerControl control, Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access, bool is_container) { if (acl == null) { tabControl.TabPages.Remove(tab_page); } else { control.SetAcl(acl, access_type, mapping, valid_access, is_container); } }
public SecurityInformationImpl(string obj_name, SecurityDescriptor sd, Dictionary <uint, string> names, GenericMapping generic_mapping) : this(obj_name, names, generic_mapping, true) { _sd = sd.ToByteArray(); }
/// <summary> /// Set ACL for control. /// </summary> /// <param name="acl">The ACL to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> public void SetAcl(Acl acl, Type access_type, GenericMapping mapping, AccessMask valid_access) { SetAcl(acl, access_type, mapping, valid_access, false); }
/// <summary> /// Set the security descriptor for the control. /// </summary> /// <param name="security_descriptor">Security descriptor to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> public void SetSecurityDescriptor(SecurityDescriptor security_descriptor, Type access_type, GenericMapping mapping, AccessMask valid_access) { SetSecurityDescriptor(security_descriptor, access_type, mapping, valid_access, false); }
public static InheritedFromInfo[] GetInheritanceSource(string objectName, ResourceType objectType, SecurityInfosEx securityInfo, bool container, IntPtr pAcl, ref GenericMapping pGenericMapping) { int objSize = Marshal.SizeOf(typeof(InheritedFromInfo)); var aceCount = GetAceCount(pAcl); var ret = new InheritedFromInfo[aceCount]; IntPtr pInherit = Marshal.AllocHGlobal(objSize * (int)aceCount); try { int hr = GetInheritanceSource(objectName, objectType, securityInfo, container, IntPtr.Zero, 0, pAcl, IntPtr.Zero, ref pGenericMapping, pInherit); if (hr != 0) { throw new System.ComponentModel.Win32Exception(hr); } IntPtr pInheritTmp = pInherit; for (int i = 0; i < aceCount; i++) { ret[i] = (InheritedFromInfo)Marshal.PtrToStructure(pInheritTmp, typeof(InheritedFromInfo)); System.Diagnostics.Debug.WriteLine(": " + ret[i].ToString()); pInheritTmp = new IntPtr(pInheritTmp.ToInt32() + objSize); } } catch { } finally { FreeInheritedFromArray(pInherit, (ushort)aceCount, IntPtr.Zero); Marshal.FreeHGlobal(pInherit); } return(ret); }
/// <summary> /// Set the security descriptor for the control. /// </summary> /// <param name="security_descriptor">Security descriptor to view.</param> /// <param name="access_type">The enum type for the view.</param> /// <param name="mapping">Generic mapping for the type.</param> /// <param name="valid_access">The valid bit mask for access for this type.</param> public void SetSecurityDescriptor(SecurityDescriptor security_descriptor, Type access_type, GenericMapping mapping, AccessMask valid_access) { AddAclTab(tabPageDACL, aclViewerControlDacl, security_descriptor.Dacl, access_type, mapping, valid_access); AddAclTab(tabPageSACL, aclViewerControlSacl, security_descriptor.Sacl, access_type, mapping, valid_access); SetSidLabel(lblOwnerValue, security_descriptor.Owner); SetSidLabel(lblGroupValue, security_descriptor.Group); if (security_descriptor.Sacl != null && !security_descriptor.Sacl.NullAcl && security_descriptor.Sacl.Where(a => a.Type == AceType.MandatoryLabel).Count() > 0) { lblIntegrityValue.Text = security_descriptor.IntegrityLevel.ToString(); } else { lblIntegrityValue.Text = "N/A"; } }
public SecurityInformationImpl(string obj_name, NtObject handle, Dictionary <uint, string> names, GenericMapping generic_mapping, bool read_only) : this(obj_name, names, generic_mapping, read_only) { _handle = handle; }
internal void WriteAccessCheckResult(string name, string type_name, AccessMask granted_access, GenericMapping generic_mapping, string sddl, Type enum_type, bool is_directory, TokenInformation token_info) { WriteObject(new AccessCheckResult(name, type_name, granted_access, generic_mapping, sddl, enum_type, is_directory, token_info)); }
private protected virtual void WriteAccessCheckResult(string name, string type_name, AccessMask granted_access, GenericMapping generic_mapping, SecurityDescriptor sd, Type enum_type, bool is_directory, TokenInformation token_info) { WriteObject(new CommonAccessCheckResult(name, type_name, granted_access, generic_mapping, sd, enum_type, is_directory, token_info)); }
public SecurityInformationImpl(string obj_name, NtObject handle, Dictionary<uint, string> names, GenericMapping generic_mapping) { _mapping = generic_mapping; _handle = handle; _obj_name = new SafeStringBuffer(obj_name); _access_map = new SafeHGlobalBuffer(Marshal.SizeOf(typeof(SiAccess)) * names.Count); SiAccess[] sis = new SiAccess[names.Count]; IntPtr current_ptr = _access_map.DangerousGetHandle(); _names = new DisposableList<SafeStringBuffer>(); int i = 0; foreach (KeyValuePair<uint, string> pair in names) { _names.Add(new SafeStringBuffer(pair.Value)); SiAccess si = new SiAccess(); si.dwFlags = SiAccessFlags.SI_ACCESS_SPECIFIC | SiAccessFlags.SI_ACCESS_GENERAL; si.mask = pair.Key; si.pszName = _names[i].DangerousGetHandle(); sis[i] = si; i++; } _access_map.WriteArray(0, sis, 0, names.Count); }