private static ComparisonResult CompareAces(GenericAce ace1, GenericAce ace2, bool isDacl) { int num = isDacl ? DaclAcePriority(ace1) : SaclAcePriority(ace1); int num2 = isDacl ? DaclAcePriority(ace2) : SaclAcePriority(ace2); if (num < num2) { return(ComparisonResult.LessThan); } if (num > num2) { return(ComparisonResult.GreaterThan); } KnownAce ace = ace1 as KnownAce; KnownAce ace3 = ace2 as KnownAce; if ((ace != null) && (ace3 != null)) { int num3 = ace.SecurityIdentifier.CompareTo(ace3.SecurityIdentifier); if (num3 < 0) { return(ComparisonResult.LessThan); } if (num3 > 0) { return(ComparisonResult.GreaterThan); } } return(ComparisonResult.EqualTo); }
internal virtual bool IsAceMeaningless(GenericAce ace) { AceFlags flags = ace.AceFlags; KnownAce knownAce = ace as KnownAce; if (knownAce != null) { if (0 == knownAce.AccessMask) { return(true); } if (0 != (flags & AceFlags.InheritOnly)) { if (knownAce is ObjectAce) { return(true); } if (!IsContainer) { return(true); } if (0 == (flags & (AceFlags.ContainerInherit | AceFlags.ObjectInherit))) { return(true); } } } return(false); }
private bool InspectAce(ref GenericAce ace, bool isDacl) { KnownAce ace2 = ace as KnownAce; if ((ace2 != null) && (ace2.AccessMask == 0)) { return(false); } if (!this.IsContainer) { if (((byte)(ace.AceFlags & AceFlags.InheritOnly)) != 0) { return(false); } if (((byte)(ace.AceFlags & (AceFlags.ContainerInherit | AceFlags.InheritOnly | AceFlags.NoPropagateInherit | AceFlags.ObjectInherit))) != 0) { ace.AceFlags = (AceFlags)((byte)(((int)ace.AceFlags) & 240)); } } else { if (((((byte)(ace.AceFlags & AceFlags.InheritOnly)) != 0) && (((byte)(ace.AceFlags & AceFlags.ContainerInherit)) == 0)) && (((byte)(ace.AceFlags & (AceFlags.None | AceFlags.ObjectInherit))) == 0)) { return(false); } if (((((byte)(ace.AceFlags & (AceFlags.None | AceFlags.NoPropagateInherit))) != 0) && (((byte)(ace.AceFlags & AceFlags.ContainerInherit)) == 0)) && (((byte)(ace.AceFlags & (AceFlags.None | AceFlags.ObjectInherit))) == 0)) { ace.AceFlags = (AceFlags)((byte)(((int)ace.AceFlags) & 0xfb)); } } QualifiedAce ace3 = ace2 as QualifiedAce; if (isDacl) { ace.AceFlags = (AceFlags)((byte)(((int)ace.AceFlags) & 0x3f)); if (((ace3 != null) && (ace3.AceQualifier != AceQualifier.AccessAllowed)) && (ace3.AceQualifier != AceQualifier.AccessDenied)) { return(false); } } else { if (((byte)(ace.AceFlags & AceFlags.AuditFlags)) == 0) { return(false); } if ((ace3 != null) && (ace3.AceQualifier != AceQualifier.SystemAudit)) { return(false); } } return(true); }
internal void ApplyCanonicalSortToExplicitAces(int start, int count) { int i, j; for (i = start + 1; i < start + count; i++) { KnownAce ace = (KnownAce)raw_acl [i]; SecurityIdentifier sid = ace.SecurityIdentifier; for (j = i; j > start && ((KnownAce)raw_acl [j - 1]).SecurityIdentifier.CompareTo(sid) > 0; j--) { raw_acl [j] = raw_acl [j - 1]; } raw_acl [j] = ace; } }
public void Purge(SecurityIdentifier sid) { if (sid == null) { throw new ArgumentNullException("sid"); } this.ThrowIfNotCanonical(); for (int i = this.Count - 1; i >= 0; i--) { KnownAce ace = this._acl[i] as KnownAce; if (((ace != null) && (((byte)(ace.AceFlags & AceFlags.Inherited)) == 0)) && (ace.SecurityIdentifier == sid)) { this._acl.RemoveAce(i); } } this.OnAclModificationTried(); }