示例#1
        /// <summary>
        /// Adds <paramref name="ace"/> to the DACL of the member descriptor <c>baseSD</c>,
        /// logs the result as SDDL and applies it to the temp file on the file-permission test share.
        /// </summary>
        /// <param name="ace">The ACE to add; handed to <c>DtypUtility.AddAceToAcl</c> unchanged.</param>
        /// <remarks>
        /// <c>baseSD</c> is updated in place, so an ACE added by an earlier call is still in the
        /// DACL on the next call. Only the DACL part of the descriptor is sent
        /// (<c>DACL_SECURITY_INFORMATION</c>).
        /// </remarks>
        private void SetSecurityDescriptorOnFile(object ace)
        {
            // .Value throws when baseSD carries no DACL; that is the original behaviour.
            _ACL fileDacl = baseSD.Dacl.Value;

            // The meaning of the 'true' flag is defined by DtypUtility.AddAceToAcl (not shown here).
            DtypUtility.AddAceToAcl(ref fileDacl, true, ace);
            baseSD.Dacl = fileDacl;

            // The full SDDL string, including the trustee SIDs, goes to the test log.
            BaseTestSite.Log.Add(
                LogEntryKind.TestStep,
                "Set Security Descriptor on the temp file ({0}): {1}.",
                FilePermissionTestShareUncPath,
                DtypUtility.ToSddlString(baseSD));

            SetSecurityDescriptor(
                FilePermissionTestShareUncPath,
                tempFileName,
                baseSD,
                SET_INFO_Request_AdditionalInformation_Values.DACL_SECURITY_INFORMATION);
        }
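        /// <summary>
        /// Adds <paramref name="ace"/> to the DACL taken from <c>originalSD</c>, logs the resulting
        /// descriptor as SDDL and applies it to the root of the folder-permission test share.
        /// </summary>
        /// <param name="ace">The ACE to add; handed to <c>DtypUtility.AddAceToAcl</c> unchanged.</param>
        /// <remarks>
        /// The original also built a separate ACL with <c>DtypUtility.CreateAcl(true, ace)</c> and
        /// never read it; that dead local has been removed.
        /// NOTE(review): whether <c>originalSD</c> itself keeps the added ACE depends on
        /// <c>_SECURITY_DESCRIPTOR</c> being a value or a reference type, which is not visible
        /// here - confirm before relying on <c>originalSD</c> to restore the share afterwards.
        /// </remarks>
        private void SetSecurityDescriptorOnShare(object ace)
        {
            _SECURITY_DESCRIPTOR sd = originalSD;

            // .Value throws when originalSD carries no DACL; that is the original behaviour.
            _ACL shareDacl = originalSD.Dacl.Value;

            DtypUtility.AddAceToAcl(ref shareDacl, true, ace);
            sd.Dacl = shareDacl;

            // The full SDDL string, including the trustee SIDs, goes to the test log.
            BaseTestSite.Log.Add(LogEntryKind.TestStep, "Set Security Descriptor on the share ({0}): {1}.",
                                 FolderPermissionTestShareUncPath, DtypUtility.ToSddlString(sd));

            // A null file name targets the share root; only the DACL part is sent.
            SetSecurityDescriptor(FolderPermissionTestShareUncPath, null, sd, SET_INFO_Request_AdditionalInformation_Values.DACL_SECURITY_INFORMATION);
        }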
        /// <summary>
        /// Builds a copy of the saved share info whose security descriptor has
        /// <paramref name="ace"/> added to its DACL, logs the descriptor as SDDL and
        /// sends the copy to the dynamically configurable share through <c>SetShareInfo</c>.
        /// </summary>
        /// <param name="ace">The ACE to add; handed to <c>DtypUtility.AddAceToAcl</c> unchanged.</param>
        private void SetSecurityDescriptorOnDynamicallyConfigurableShare(object ace)
        {
            // Start from the saved share info; .Value throws when none was captured.
            SHARE_INFO_502_I updatedInfo = originalShareInfo.Value;

            _SECURITY_DESCRIPTOR descriptor = DtypUtility.DecodeSecurityDescriptor(updatedInfo.shi502_security_descriptor);
            _ACL shareDacl = descriptor.Dacl.Value;

            DtypUtility.AddAceToAcl(ref shareDacl, true, ace);
            descriptor.Dacl = shareDacl;

            // Let DtypUtility bring the rest of the descriptor in line with the changed DACL
            // (what exactly it recomputes is defined in DtypUtility, not shown here).
            DtypUtility.UpdateSecurityDescriptor(ref descriptor);

            // shi502_reserved is set to the byte length of the encoded descriptor.
            updatedInfo.shi502_security_descriptor = DtypUtility.EncodeSecurityDescriptor(descriptor);
            updatedInfo.shi502_reserved = (uint)updatedInfo.shi502_security_descriptor.Length;

            // The full SDDL string, including the trustee SIDs, goes to the test log.
            BaseTestSite.Log.Add(
                LogEntryKind.TestStep,
                "Set Security Descriptor on the share ({0}): {1}.",
                Smb2Utility.GetUncPath(TestConfig.SutComputerName, dynamicallyConfigurableShareName),
                DtypUtility.ToSddlString(descriptor));

            SetShareInfo(dynamicallyConfigurableShareName, updatedInfo);
        }
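        /// <summary>
        /// Builds a security descriptor whose DACL holds one entry for the World SID (S-1-1-0)
        /// and stores a pointer to it in the member <c>sa</c>.
        /// </summary>
        /// <remarks>
        /// The trustee is Everyone, not Authenticated Users (S-1-5-11) as the original comment
        /// and variable names suggested: the authority is {0,0,0,0,0,1} and the only
        /// sub-authority is 0. The mask is <c>RightFlags.SPECIFIC_N_STANDARD_RIGHTS_ALL</c>
        /// (presumably 0x001FFFFF, all specific and standard rights - confirm against the enum),
        /// so any object created with <c>sa</c> is open to every principal that is a member of
        /// Everyone. Narrow the trustee or the mask if that is broader than intended.
        ///
        /// Ownership: the original freed the descriptor buffer just before returning, which
        /// left <c>sa.lpSecurityDescriptor</c> pointing at released memory. On success the
        /// buffer and the DACL it references now stay allocated.
        /// NOTE(review): nothing visible here releases them - whoever owns <c>sa</c> should
        /// LocalFree both once <c>sa</c> is no longer used.
        /// </remarks>
        /// <exception cref="Win32Exception">A native call failed.</exception>
        public void _createSecuritydesc()
        {
            const int SECURITY_WORLD_RID = 0;
            const uint SET_ACCESS = 2;

            SidIdentifierAuthority worldAuthority = new SidIdentifierAuthority();
            worldAuthority.Value = new byte[6] { 0, 0, 0, 0, 0, 1 }; // SECURITY_WORLD_SID_AUTHORITY

            IntPtr everyoneSid      = IntPtr.Zero;
            IntPtr daclPointer      = IntPtr.Zero;
            IntPtr descriptorBuffer = IntPtr.Zero;
            bool   handedOver       = false;

            try
            {
                // Build S-1-1-0. On failure there is no SID to free, so the original
                // FreeSid call on the unset pointer is gone.
                if (!NativeMethods.AllocateAndInitializeSid(ref worldAuthority,
                                                            1,
                                                            SECURITY_WORLD_RID,
                                                            0, 0, 0, 0, 0, 0, 0,
                                                            out everyoneSid))
                {
                    throw new Win32Exception("Failed to AllocateAndInitializeSid");
                }

                EXPLICIT_ACCESS ea = new EXPLICIT_ACCESS();

                ea.grfAccessPermissions = (uint)RightFlags.SPECIFIC_N_STANDARD_RIGHTS_ALL;
                ea.grfAccessMode        = SET_ACCESS;
                ea.grfInheritance       = 0; // NO_INHERITANCE
                ea.Trustee.TrusteeForm  = TRUSTEE_FORM.TRUSTEE_IS_SID;
                ea.Trustee.TrusteeType  = TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP;
                ea.Trustee.ptstrName    = everyoneSid;

                // SetEntriesInAcl returns the Win32 error code directly; carry it in the exception.
                int dwRes = NativeMethods.SetEntriesInAcl(1, ref ea, IntPtr.Zero, out daclPointer);

                if (dwRes != 0)
                {
                    throw new Win32Exception(dwRes, "Failed to SetEntriesInAcl");
                }

                SECURITY_DESCRIPTOR sec = new SECURITY_DESCRIPTOR();

                descriptorBuffer = NativeMethods.LocalAlloc((uint)LMEMFlags.LMEM_FIXED_N_ZEROINIT, (UIntPtr)Marshal.SizeOf(sec));

                if (descriptorBuffer == IntPtr.Zero)
                {
                    throw new Win32Exception("Failed to localAlloc");
                }
                if (!NativeMethods.InitializeSecurityDescriptor(out sec, 1)) // 1 = SECURITY_DESCRIPTOR_REVISION
                {
                    throw new Win32Exception("Failed to InitializeSecurityDescriptor");
                }
                if (!NativeMethods.SetSecurityDescriptorDacl(ref sec, true, daclPointer, false))
                {
                    throw new Win32Exception("Failed to SetSecurityDescriptorDacl");
                }

                // The buffer is freshly allocated and holds no earlier structure to destroy,
                // hence fDeleteOld = false.
                Marshal.StructureToPtr(sec, descriptorBuffer, false);

                sa.bInheritHandle       = 0;
                sa.nLength              = (uint)Marshal.SizeOf(sa);
                sa.lpSecurityDescriptor = descriptorBuffer;

                // From here on sa refers to the buffer, and the descriptor in it refers to the DACL.
                handedOver = true;
            }
            finally
            {
                // The ACL built by SetEntriesInAcl holds its own copy of the SID.
                if (everyoneSid != IntPtr.Zero)
                {
                    NativeMethods.FreeSid(everyoneSid);
                }

                // Release the native blocks only when sa was not populated.
                if (!handedOver)
                {
                    if (descriptorBuffer != IntPtr.Zero)
                    {
                        NativeMethods.LocalFree(descriptorBuffer);
                    }
                    if (daclPointer != IntPtr.Zero)
                    {
                        NativeMethods.LocalFree(daclPointer);
                    }
                }
            }
        }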
示例#5
 /// <summary>
 /// P/Invoke declaration for the Win32 <c>GetSecurityInfo</c> function, which retrieves
 /// the security descriptor of the object identified by <paramref name="handle"/>.
 /// </summary>
 /// <param name="handle">Handle to the object to query.</param>
 /// <param name="ObjectType">Kind of object the handle refers to.</param>
 /// <param name="SecurityInfo">Which parts of the descriptor to retrieve.</param>
 /// <param name="pSidOwner">Receives a pointer to the owner SID.</param>
 /// <param name="pSidGroup">Receives a pointer to the primary group SID.</param>
 /// <param name="pDacl">Receives the DACL.</param>
 /// <param name="pSacl">Receives the SACL.</param>
 /// <param name="pSecurityDescriptor">Receives the security descriptor.</param>
 /// <returns>A Win32 error code; 0 (ERROR_SUCCESS) means success.</returns>
 // NOTE(review): the native function writes pointers (PACL*, PSECURITY_DESCRIPTOR*) into its
 // last three parameters. If _ACL and _SECURITY_DESCRIPTOR are structs, `out` on them does not
 // match that layout and `out IntPtr` would be the fitting declaration - confirm against the
 // type definitions, which are not visible here.
 // NOTE(review): the descriptor returned by the native call is allocated by the system and is
 // expected to be released with LocalFree; this signature gives the caller no pointer to free.
 // NOTE(review): no DllImport attribute is visible above this line in the listing.
 public static extern uint GetSecurityInfo(
     IntPtr handle,
     SE_OBJECT_TYPE ObjectType,
     SECURITY_INFORMATION SecurityInfo,
     out IntPtr pSidOwner,
     out IntPtr pSidGroup,
     out _ACL pDacl,
     out _ACL pSacl,
     out _SECURITY_DESCRIPTOR pSecurityDescriptor
     );