Difference between revisions of "Unit Security"
From Ultibo.org
| Line 28: | Line 28: | ||
---- | ---- | ||
| − | '' | + | |
| + | '''SID identifier authority''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SID_IDENTIFIER_AUTHORITY = _SID_IDENTIFIER_AUTHORITY;</code> | ||
| + | |||
| + | <code>TSidIdentifierAuthority = SID_IDENTIFIER_AUTHORITY;</code> | ||
| + | |||
| + | <code>PSidIdentifierAuthority = PSID_IDENTIFIER_AUTHORITY;</code> | ||
| + | |||
| + | <code>PSID_IDENTIFIER_AUTHORITY = ^SID_IDENTIFIER_AUTHORITY;</code> | ||
| + | |||
| + | <code>_SID_IDENTIFIER_AUTHORITY = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Value: array [0..5] of Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''SID types''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SID = _SID;</code> | ||
| + | |||
| + | <code>PPSID = ^PSID;</code> | ||
| + | |||
| + | <code>TSid = SID;</code> | ||
| + | |||
| + | <code>PSid = ^SID;</code> | ||
| + | |||
| + | <code>_SID = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Revision: Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>SubAuthorityCount: Byte;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>IdentifierAuthority: SID_IDENTIFIER_AUTHORITY;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SubAuthority: array [0..ANYSIZE_ARRAY - 1] of DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Signed types''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>BOOL = LongBool;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''Unsigned types''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>UCHAR = Byte;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''Pointer types''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>PUCHAR = ^Byte;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''GUID types''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>GUID = TGUID;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''SID name use''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>_SID_NAME_USE = DWORD;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>SID_NAME_USE = _SID_NAME_USE;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PSID_NAME_USE = ^SID_NAME_USE;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>TSidNameUse = SID_NAME_USE;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PSidNameUse = PSID_NAME_USE;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''SID and attributes''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SID_AND_ATTRIBUTES = _SID_AND_ATTRIBUTES;</code> | ||
| + | |||
| + | <code>TSidAndAttributes = SID_AND_ATTRIBUTES;</code> | ||
| + | |||
| + | <code>PSidAndAttributes = PSID_AND_ATTRIBUTES;</code> | ||
| + | |||
| + | <code>PSID_AND_ATTRIBUTES = ^SID_AND_ATTRIBUTES;</code> | ||
| + | |||
| + | <code>_SID_AND_ATTRIBUTES = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Sid: PSID;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Attributes: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''SID and attributes array''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>SID_AND_ATTRIBUTES_ARRAY = array [0..ANYSIZE_ARRAY - 1] of SID_AND_ATTRIBUTES;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PSID_AND_ATTRIBUTES_ARRAY = ^SID_AND_ATTRIBUTES_ARRAY;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PSidAndAttributesArray = ^TSidAndAttributesArray;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>TSidAndAttributesArray = SID_AND_ATTRIBUTES_ARRAY;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''ACL''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACL = _ACL;</code> | ||
| + | |||
| + | <code>TAcl = ACL;</code> | ||
| + | |||
| + | <code>PPACL = ^PACL;</code> | ||
| + | |||
| + | <code>PACL = ^ACL;</code> | ||
| + | |||
| + | <code>_ACL = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>AclRevision: Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Sbz1: Byte;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>AclSize: Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>AceCount: Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Sbz2: Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''ACL information class''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>_ACL_INFORMATION_CLASS = DWORD;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>ACL_INFORMATION_CLASS = _ACL_INFORMATION_CLASS;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>TAclInformationClass = ACL_INFORMATION_CLASS;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''ACL revision information''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACL_REVISION_INFORMATION = _ACL_REVISION_INFORMATION;</code> | ||
| + | |||
| + | <code>TAclRevisionInformation = ACL_REVISION_INFORMATION;</code> | ||
| + | |||
| + | <code>PAclRevisionInformation = PACL_REVISION_INFORMATION;</code> | ||
| + | |||
| + | <code>PACL_REVISION_INFORMATION = ^ACL_REVISION_INFORMATION;</code> | ||
| + | |||
| + | <code>_ACL_REVISION_INFORMATION = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | |colspan="2"|Note: This record is returned/sent if the user is requesting/setting the AclRevisionInformation | ||
| + | |- | ||
| + | | <code>AclRevision: DWORD;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''ACL size information''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACL_SIZE_INFORMATION = _ACL_SIZE_INFORMATION;</code> | ||
| + | |||
| + | <code>TAclSizeInformation = ACL_SIZE_INFORMATION;</code> | ||
| + | |||
| + | <code>PAclSizeInformation = PACL_SIZE_INFORMATION;</code> | ||
| + | |||
| + | <code>PACL_SIZE_INFORMATION = ^ACL_SIZE_INFORMATION;</code> | ||
| + | |||
| + | <code>_ACL_SIZE_INFORMATION = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | |colspan="2"|Note: This record is returned if the user is requesting AclSizeInformation | ||
| + | |- | ||
| + | | <code>AceCount: DWORD;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>AclBytesInUse: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>AclBytesFree: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Access mask''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>ACCESS_MASK = DWORD;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PACCESS_MASK = ^ACCESS_MASK;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>TAccessMask = ACCESS_MASK;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PAccessMask = PACCESS_MASK;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''ACE header''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACE_HEADER = _ACE_HEADER;</code> | ||
| + | |||
| + | <code>TAceHeader = ACE_HEADER;</code> | ||
| + | |||
| + | <code>PAceHeader = PACE_HEADER;</code> | ||
| + | |||
| + | <code>PACE_HEADER = ^ACE_HEADER;</code> | ||
| + | |||
| + | <code>_ACE_HEADER = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>AceType: Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>AceFlags: Byte;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>AceSize: Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Access allowed''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACCESS_ALLOWED_ACE = _ACCESS_ALLOWED_ACE;</code> | ||
| + | |||
| + | <code>TAccessAllowedAce = ACCESS_ALLOWED_ACE;</code> | ||
| + | |||
| + | <code>PAccessAllowedAce = PACCESS_ALLOWED_ACE;</code> | ||
| + | |||
| + | <code>PACCESS_ALLOWED_ACE = ^ACCESS_ALLOWED_ACE;</code> | ||
| + | |||
| + | <code>_ACCESS_ALLOWED_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Access denied''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACCESS_DENIED_ACE = _ACCESS_DENIED_ACE;</code> | ||
| + | |||
| + | <code>TAccessDeniedAce = ACCESS_DENIED_ACE;</code> | ||
| + | |||
| + | <code>PAccessDeniedAce = PACCESS_DENIED_ACE;</code> | ||
| + | |||
| + | <code>PACCESS_DENIED_ACE = ^ACCESS_DENIED_ACE;</code> | ||
| + | |||
| + | <code>_ACCESS_DENIED_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''System audit''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SYSTEM_AUDIT_ACE = _SYSTEM_AUDIT_ACE;</code> | ||
| + | |||
| + | <code>TSystemAuditAce = SYSTEM_AUDIT_ACE;</code> | ||
| + | |||
| + | <code>PSystemAuditAce = PSYSTEM_AUDIT_ACE;</code> | ||
| + | |||
| + | <code>PSYSTEM_AUDIT_ACE = ^SYSTEM_AUDIT_ACE;</code> | ||
| + | |||
| + | <code>_SYSTEM_AUDIT_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''System alarm''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SYSTEM_ALARM_ACE = _SYSTEM_ALARM_ACE;</code> | ||
| + | |||
| + | <code>TSystemAlarmAce = SYSTEM_ALARM_ACE;</code> | ||
| + | |||
| + | <code>PSystemAlarmAce = PSYSTEM_ALARM_ACE;</code> | ||
| + | |||
| + | <code>PSYSTEM_ALARM_ACE = ^SYSTEM_ALARM_ACE;</code> | ||
| + | |||
| + | <code>_SYSTEM_ALARM_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Access allowed object''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACCESS_ALLOWED_OBJECT_ACE = _ACCESS_ALLOWED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>TAccessAllowedObjectAce = ACCESS_ALLOWED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PAccessAllowedObjectAce = PACCESS_ALLOWED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PACCESS_ALLOWED_OBJECT_ACE = ^ACCESS_ALLOWED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>_ACCESS_ALLOWED_OBJECT_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Flags: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>ObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>InheritedObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Access denied object''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>ACCESS_DENIED_OBJECT_ACE = _ACCESS_DENIED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>TAccessDeniedObjectAce = ACCESS_DENIED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PAccessDeniedObjectAce = PACCESS_DENIED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PACCESS_DENIED_OBJECT_ACE = ^ACCESS_DENIED_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>_ACCESS_DENIED_OBJECT_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Flags: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>ObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>InheritedObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''System audit object''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SYSTEM_AUDIT_OBJECT_ACE = _SYSTEM_AUDIT_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>TSystemAuditObjectAce = SYSTEM_AUDIT_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PSystemAuditObjectAce = PSYSTEM_AUDIT_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PSYSTEM_AUDIT_OBJECT_ACE = ^SYSTEM_AUDIT_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>_SYSTEM_AUDIT_OBJECT_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Flags: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>ObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>InheritedObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''System alarm object''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SYSTEM_ALARM_OBJECT_ACE = _SYSTEM_ALARM_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>TSystemAlarmObjectAce = SYSTEM_ALARM_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PSystemAlarmObjectAce = PSYSTEM_ALARM_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>PSYSTEM_ALARM_OBJECT_ACE = ^SYSTEM_ALARM_OBJECT_ACE;</code> | ||
| + | |||
| + | <code>_SYSTEM_ALARM_OBJECT_ACE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Header: ACE_HEADER;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Mask: ACCESS_MASK;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Flags: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>ObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>InheritedObjectType: GUID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>SidStart: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Security descriptor control''' | ||
| + | |||
| + | {| class="wikitable" style="font-size: 14px; text-align: left; width: 100%; height: 50px;" | ||
| + | |- | ||
| + | | <code>SECURITY_DESCRIPTOR_CONTROL = WORD;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PSECURITY_DESCRIPTOR_CONTROL = ^SECURITY_DESCRIPTOR_CONTROL;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>TSecurityDescriptorControl = SECURITY_DESCRIPTOR_CONTROL;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | | <code>PSecurityDescriptorControl = PSECURITY_DESCRIPTOR_CONTROL;</code> | ||
| + | | style="width: 40%;"| | ||
| + | |- | ||
| + | |} | ||
| + | |||
| + | '''Security descriptor relative''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SECURITY_DESCRIPTOR_RELATIVE = _SECURITY_DESCRIPTOR_RELATIVE;</code> | ||
| + | |||
| + | <code>TSecurityDescriptorRelative = SECURITY_DESCRIPTOR_RELATIVE;</code> | ||
| + | |||
| + | <code>PSecurityDescriptorRelative = PSECURITY_DESCRIPTOR_RELATIVE;</code> | ||
| + | |||
| + | <code>PSECURITY_DESCRIPTOR_RELATIVE = ^SECURITY_DESCRIPTOR_RELATIVE;</code> | ||
| + | |||
| + | <code>_SECURITY_DESCRIPTOR_RELATIVE = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Revision: Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Sbz1: Byte;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Control: SECURITY_DESCRIPTOR_CONTROL;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Owner: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Group: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Sacl: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Dacl: DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Security descriptor''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>SECURITY_DESCRIPTOR = _SECURITY_DESCRIPTOR;</code> | ||
| + | |||
| + | <code>TSecurityDescriptor = SECURITY_DESCRIPTOR;</code> | ||
| + | |||
| + | <code>PSecurityDescriptor = PSECURITY_DESCRIPTOR;</code> | ||
| + | |||
| + | <code>PPSECURITY_DESCRIPTOR = ^PSECURITY_DESCRIPTOR;</code> | ||
| + | |||
| + | <code>PSECURITY_DESCRIPTOR = ^SECURITY_DESCRIPTOR;</code> | ||
| + | |||
| + | <code>_SECURITY_DESCRIPTOR = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>Revision: Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>Sbz1: Byte;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Control: SECURITY_DESCRIPTOR_CONTROL;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Owner: PSID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Group: PSID;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Sacl: PACL;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Dacl: PACL;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Well known SID type''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | |||
| + | <code>WELL_KNOWN_SID_TYPE = (</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>WinNullSid,</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>WinWorldSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinLocalSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinCreatorOwnerSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinCreatorGroupSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinCreatorOwnerServerSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinCreatorGroupServerSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinNtAuthoritySid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinDialupSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinNetworkSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBatchSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinInteractiveSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinServiceSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAnonymousSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinProxySid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinEnterpriseControllersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinSelfSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAuthenticatedUserSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinRestrictedCodeSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinTerminalServerSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinRemoteLogonIdSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinLogonIdsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinLocalSystemSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinLocalServiceSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinNetworkServiceSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinDomainSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinAdministratorsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinUsersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinGuestsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinPowerUsersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinAccountOperatorsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinSystemOperatorsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinPrintOperatorsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinBackupOperatorsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinReplicatorSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinPreWindows2000CompatibleAccessSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinRemoteDesktopUsersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinBuiltinNetworkConfigurationOperatorsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountAdministratorSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountGuestSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountKrbtgtSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountDomainAdminsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountDomainUsersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountDomainGuestsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountComputersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountControllersSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountCertAdminsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountSchemaAdminsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountEnterpriseAdminsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountPolicyAdminsSid,</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>WinAccountRasAndIasServersSid);</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>TWellKnownSidType = WELL_KNOWN_SID_TYPE;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Well known SID''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>PWellKnownSid = ^TWellKnownSid;</code> | ||
| + | |||
| + | <code>TWellKnownSid = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | | <code>SidHeader:TSID;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>SubAuthorities:array[0..5] of DWORD;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Well known ACE''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | |||
| + | <code>TWellKnownAce = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | |colspan="2"|Note: Not Packed (Descriptor Ace defaults) | ||
| + | |- | ||
| + | | <code>AceType:Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>AceFlags:Byte;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>AceSize:Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Mask:LongWord;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Sid:TWellKnownSidType;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Well known ACL''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | |||
| + | <code>TWellKnownAcl = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | |colspan="2"|Note: Not Packed (Descriptor Acl defaults) | ||
| + | |- | ||
| + | | <code>AclRevision:Byte;</code> | ||
| + | | style="width: 50%;"| | ||
| + | |- | ||
| + | | <code>AclSize:Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>AceCount:Word;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Aces:array[0..7] of TWellKnownAce;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | |||
| + | '''Well known descriptor''' | ||
| + | |||
| + | <div class="toccolours mw-collapsible mw-collapsed" style="border: 1; font-family: arial;"> | ||
| + | <code>PWellKnownDescriptor = ^TWellKnownDescriptor;</code> | ||
| + | |||
| + | <code>TWellKnownDescriptor = record</code> | ||
| + | <div class="mw-collapsible-content" style="text-align: left; padding-left: 5px;"> | ||
| + | {| class="wikitable" style="font-size: 14px; background: white;" | ||
| + | |- | ||
| + | |colspan="2"|Note: Not Packed (Descriptor defaults) | ||
| + | |- | ||
| + | | <code>Size:LongWord;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Revision:Byte;</code> | ||
| + | | Revision | ||
| + | |- | ||
| + | | <code>Control:Word;</code> | ||
| + | | Control Flags | ||
| + | |- | ||
| + | | <code>OwnerOffset:LongWord;</code> | ||
| + | | Offset to Owner SID | ||
| + | |- | ||
| + | | <code>GroupOffset:LongWord;</code> | ||
| + | | Offset to Group SID | ||
| + | |- | ||
| + | | <code>SaclOffset:LongWord;</code> | ||
| + | | Offset to SACL | ||
| + | |- | ||
| + | | <code>DaclOffset:LongWord;</code> | ||
| + | | Offset to DACL | ||
| + | |- | ||
| + | | <code>Owner:TWellKnownSidType;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Group:TWellKnownSidType;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Sacl:TWellKnownAcl;</code> | ||
| + | | | ||
| + | |- | ||
| + | | <code>Dacl:TWellKnownAcl;</code> | ||
| + | | | ||
| + | |- | ||
| + | |} | ||
| + | </div></div> | ||
| + | <br /> | ||
=== Public variables === | === Public variables === | ||
Revision as of 05:20, 3 March 2017
Return to Unit Reference
Description
Ultibo Security interface unit
This unit implements the security support for Ultibo.
Constants
Security specific constants
ANYSIZE_* ANYSIZE_ARRAY = 1;
|
Type definitions
SID identifier authority
SID_IDENTIFIER_AUTHORITY = _SID_IDENTIFIER_AUTHORITY;
TSidIdentifierAuthority = SID_IDENTIFIER_AUTHORITY;
PSidIdentifierAuthority = PSID_IDENTIFIER_AUTHORITY;
PSID_IDENTIFIER_AUTHORITY = ^SID_IDENTIFIER_AUTHORITY;
_SID_IDENTIFIER_AUTHORITY = record
Value: array [0..5] of Byte;
|
SID types
SID = _SID;
PPSID = ^PSID;
TSid = SID;
PSid = ^SID;
_SID = record
Revision: Byte;
|
|
SubAuthorityCount: Byte;
|
|
IdentifierAuthority: SID_IDENTIFIER_AUTHORITY;
|
|
SubAuthority: array [0..ANYSIZE_ARRAY - 1] of DWORD;
|
Signed types
BOOL = LongBool;
|
Unsigned types
UCHAR = Byte;
|
Pointer types
PUCHAR = ^Byte;
|
GUID types
GUID = TGUID;
|
SID name use
_SID_NAME_USE = DWORD;
|
|
SID_NAME_USE = _SID_NAME_USE;
|
|
PSID_NAME_USE = ^SID_NAME_USE;
|
|
TSidNameUse = SID_NAME_USE;
|
|
PSidNameUse = PSID_NAME_USE;
|
SID and attributes
SID_AND_ATTRIBUTES = _SID_AND_ATTRIBUTES;
TSidAndAttributes = SID_AND_ATTRIBUTES;
PSidAndAttributes = PSID_AND_ATTRIBUTES;
PSID_AND_ATTRIBUTES = ^SID_AND_ATTRIBUTES;
_SID_AND_ATTRIBUTES = record
Sid: PSID;
|
|
Attributes: DWORD;
|
SID and attributes array
SID_AND_ATTRIBUTES_ARRAY = array [0..ANYSIZE_ARRAY - 1] of SID_AND_ATTRIBUTES;
|
|
PSID_AND_ATTRIBUTES_ARRAY = ^SID_AND_ATTRIBUTES_ARRAY;
|
|
PSidAndAttributesArray = ^TSidAndAttributesArray;
|
|
TSidAndAttributesArray = SID_AND_ATTRIBUTES_ARRAY;
|
ACL
ACL = _ACL;
TAcl = ACL;
PPACL = ^PACL;
PACL = ^ACL;
_ACL = record
AclRevision: Byte;
|
|
Sbz1: Byte;
|
|
AclSize: Word;
|
|
AceCount: Word;
|
|
Sbz2: Word;
|
ACL information class
_ACL_INFORMATION_CLASS = DWORD;
|
|
ACL_INFORMATION_CLASS = _ACL_INFORMATION_CLASS;
|
|
TAclInformationClass = ACL_INFORMATION_CLASS;
|
ACL revision information
ACL_REVISION_INFORMATION = _ACL_REVISION_INFORMATION;
TAclRevisionInformation = ACL_REVISION_INFORMATION;
PAclRevisionInformation = PACL_REVISION_INFORMATION;
PACL_REVISION_INFORMATION = ^ACL_REVISION_INFORMATION;
_ACL_REVISION_INFORMATION = record
| Note: This record is returned/sent if the user is requesting/setting the AclRevisionInformation | |
AclRevision: DWORD;
|
|
ACL size information
ACL_SIZE_INFORMATION = _ACL_SIZE_INFORMATION;
TAclSizeInformation = ACL_SIZE_INFORMATION;
PAclSizeInformation = PACL_SIZE_INFORMATION;
PACL_SIZE_INFORMATION = ^ACL_SIZE_INFORMATION;
_ACL_SIZE_INFORMATION = record
| Note: This record is returned if the user is requesting AclSizeInformation | |
AceCount: DWORD;
|
|
AclBytesInUse: DWORD;
|
|
AclBytesFree: DWORD;
|
|
Access mask
ACCESS_MASK = DWORD;
|
|
PACCESS_MASK = ^ACCESS_MASK;
|
|
TAccessMask = ACCESS_MASK;
|
|
PAccessMask = PACCESS_MASK;
|
ACE header
ACE_HEADER = _ACE_HEADER;
TAceHeader = ACE_HEADER;
PAceHeader = PACE_HEADER;
PACE_HEADER = ^ACE_HEADER;
_ACE_HEADER = record
AceType: Byte;
|
|
AceFlags: Byte;
|
|
AceSize: Word;
|
Access allowed
ACCESS_ALLOWED_ACE = _ACCESS_ALLOWED_ACE;
TAccessAllowedAce = ACCESS_ALLOWED_ACE;
PAccessAllowedAce = PACCESS_ALLOWED_ACE;
PACCESS_ALLOWED_ACE = ^ACCESS_ALLOWED_ACE;
_ACCESS_ALLOWED_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
Access denied
ACCESS_DENIED_ACE = _ACCESS_DENIED_ACE;
TAccessDeniedAce = ACCESS_DENIED_ACE;
PAccessDeniedAce = PACCESS_DENIED_ACE;
PACCESS_DENIED_ACE = ^ACCESS_DENIED_ACE;
_ACCESS_DENIED_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
System audit
SYSTEM_AUDIT_ACE = _SYSTEM_AUDIT_ACE;
TSystemAuditAce = SYSTEM_AUDIT_ACE;
PSystemAuditAce = PSYSTEM_AUDIT_ACE;
PSYSTEM_AUDIT_ACE = ^SYSTEM_AUDIT_ACE;
_SYSTEM_AUDIT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
System alarm
SYSTEM_ALARM_ACE = _SYSTEM_ALARM_ACE;
TSystemAlarmAce = SYSTEM_ALARM_ACE;
PSystemAlarmAce = PSYSTEM_ALARM_ACE;
PSYSTEM_ALARM_ACE = ^SYSTEM_ALARM_ACE;
_SYSTEM_ALARM_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
SidStart: DWORD;
|
Access allowed object
ACCESS_ALLOWED_OBJECT_ACE = _ACCESS_ALLOWED_OBJECT_ACE;
TAccessAllowedObjectAce = ACCESS_ALLOWED_OBJECT_ACE;
PAccessAllowedObjectAce = PACCESS_ALLOWED_OBJECT_ACE;
PACCESS_ALLOWED_OBJECT_ACE = ^ACCESS_ALLOWED_OBJECT_ACE;
_ACCESS_ALLOWED_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
Access denied object
ACCESS_DENIED_OBJECT_ACE = _ACCESS_DENIED_OBJECT_ACE;
TAccessDeniedObjectAce = ACCESS_DENIED_OBJECT_ACE;
PAccessDeniedObjectAce = PACCESS_DENIED_OBJECT_ACE;
PACCESS_DENIED_OBJECT_ACE = ^ACCESS_DENIED_OBJECT_ACE;
_ACCESS_DENIED_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
System audit object
SYSTEM_AUDIT_OBJECT_ACE = _SYSTEM_AUDIT_OBJECT_ACE;
TSystemAuditObjectAce = SYSTEM_AUDIT_OBJECT_ACE;
PSystemAuditObjectAce = PSYSTEM_AUDIT_OBJECT_ACE;
PSYSTEM_AUDIT_OBJECT_ACE = ^SYSTEM_AUDIT_OBJECT_ACE;
_SYSTEM_AUDIT_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
System alarm object
SYSTEM_ALARM_OBJECT_ACE = _SYSTEM_ALARM_OBJECT_ACE;
TSystemAlarmObjectAce = SYSTEM_ALARM_OBJECT_ACE;
PSystemAlarmObjectAce = PSYSTEM_ALARM_OBJECT_ACE;
PSYSTEM_ALARM_OBJECT_ACE = ^SYSTEM_ALARM_OBJECT_ACE;
_SYSTEM_ALARM_OBJECT_ACE = record
Header: ACE_HEADER;
|
|
Mask: ACCESS_MASK;
|
|
Flags: DWORD;
|
|
ObjectType: GUID;
|
|
InheritedObjectType: GUID;
|
|
SidStart: DWORD;
|
Security descriptor control
SECURITY_DESCRIPTOR_CONTROL = WORD;
|
|
PSECURITY_DESCRIPTOR_CONTROL = ^SECURITY_DESCRIPTOR_CONTROL;
|
|
TSecurityDescriptorControl = SECURITY_DESCRIPTOR_CONTROL;
|
|
PSecurityDescriptorControl = PSECURITY_DESCRIPTOR_CONTROL;
|
Security descriptor relative
SECURITY_DESCRIPTOR_RELATIVE = _SECURITY_DESCRIPTOR_RELATIVE;
TSecurityDescriptorRelative = SECURITY_DESCRIPTOR_RELATIVE;
PSecurityDescriptorRelative = PSECURITY_DESCRIPTOR_RELATIVE;
PSECURITY_DESCRIPTOR_RELATIVE = ^SECURITY_DESCRIPTOR_RELATIVE;
_SECURITY_DESCRIPTOR_RELATIVE = record
Revision: Byte;
|
|
Sbz1: Byte;
|
|
Control: SECURITY_DESCRIPTOR_CONTROL;
|
|
Owner: DWORD;
|
|
Group: DWORD;
|
|
Sacl: DWORD;
|
|
Dacl: DWORD;
|
Security descriptor
SECURITY_DESCRIPTOR = _SECURITY_DESCRIPTOR;
TSecurityDescriptor = SECURITY_DESCRIPTOR;
PSecurityDescriptor = PSECURITY_DESCRIPTOR;
PPSECURITY_DESCRIPTOR = ^PSECURITY_DESCRIPTOR;
PSECURITY_DESCRIPTOR = ^SECURITY_DESCRIPTOR;
_SECURITY_DESCRIPTOR = record
Revision: Byte;
|
|
Sbz1: Byte;
|
|
Control: SECURITY_DESCRIPTOR_CONTROL;
|
|
Owner: PSID;
|
|
Group: PSID;
|
|
Sacl: PACL;
|
|
Dacl: PACL;
|
Well known SID type
WELL_KNOWN_SID_TYPE = (
WinNullSid,
|
|
WinWorldSid,
|
|
WinLocalSid,
|
|
WinCreatorOwnerSid,
|
|
WinCreatorGroupSid,
|
|
WinCreatorOwnerServerSid,
|
|
WinCreatorGroupServerSid,
|
|
WinNtAuthoritySid,
|
|
WinDialupSid,
|
|
WinNetworkSid,
|
|
WinBatchSid,
|
|
WinInteractiveSid,
|
|
WinServiceSid,
|
|
WinAnonymousSid,
|
|
WinProxySid,
|
|
WinEnterpriseControllersSid,
|
|
WinSelfSid,
|
|
WinAuthenticatedUserSid,
|
|
WinRestrictedCodeSid,
|
|
WinTerminalServerSid,
|
|
WinRemoteLogonIdSid,
|
|
WinLogonIdsSid,
|
|
WinLocalSystemSid,
|
|
WinLocalServiceSid,
|
|
WinNetworkServiceSid,
|
|
WinBuiltinDomainSid,
|
|
WinBuiltinAdministratorsSid,
|
|
WinBuiltinUsersSid,
|
|
WinBuiltinGuestsSid,
|
|
WinBuiltinPowerUsersSid,
|
|
WinBuiltinAccountOperatorsSid,
|
|
WinBuiltinSystemOperatorsSid,
|
|
WinBuiltinPrintOperatorsSid,
|
|
WinBuiltinBackupOperatorsSid,
|
|
WinBuiltinReplicatorSid,
|
|
WinBuiltinPreWindows2000CompatibleAccessSid,
|
|
WinBuiltinRemoteDesktopUsersSid,
|
|
WinBuiltinNetworkConfigurationOperatorsSid,
|
|
WinAccountAdministratorSid,
|
|
WinAccountGuestSid,
|
|
WinAccountKrbtgtSid,
|
|
WinAccountDomainAdminsSid,
|
|
WinAccountDomainUsersSid,
|
|
WinAccountDomainGuestsSid,
|
|
WinAccountComputersSid,
|
|
WinAccountControllersSid,
|
|
WinAccountCertAdminsSid,
|
|
WinAccountSchemaAdminsSid,
|
|
WinAccountEnterpriseAdminsSid,
|
|
WinAccountPolicyAdminsSid,
|
|
WinAccountRasAndIasServersSid);
|
|
TWellKnownSidType = WELL_KNOWN_SID_TYPE;
|
Well known SID
PWellKnownSid = ^TWellKnownSid;
TWellKnownSid = record
SidHeader:TSID;
|
|
SubAuthorities:array[0..5] of DWORD;
|
Well known ACE
TWellKnownAce = record
| Note: Not Packed (Descriptor Ace defaults) | |
AceType:Byte;
|
|
AceFlags:Byte;
|
|
AceSize:Word;
|
|
Mask:LongWord;
|
|
Sid:TWellKnownSidType;
|
|
Well known ACL
TWellKnownAcl = record
| Note: Not Packed (Descriptor Acl defaults) | |
AclRevision:Byte;
|
|
AclSize:Word;
|
|
AceCount:Word;
|
|
Aces:array[0..7] of TWellKnownAce;
|
|
Well known descriptor
PWellKnownDescriptor = ^TWellKnownDescriptor;
TWellKnownDescriptor = record
| Note: Not Packed (Descriptor defaults) | |
Size:LongWord;
|
|
Revision:Byte;
|
Revision |
Control:Word;
|
Control Flags |
OwnerOffset:LongWord;
|
Offset to Owner SID |
GroupOffset:LongWord;
|
Offset to Group SID |
SaclOffset:LongWord;
|
Offset to SACL |
DaclOffset:LongWord;
|
Offset to DACL |
Owner:TWellKnownSidType;
|
|
Group:TWellKnownSidType;
|
|
Sacl:TWellKnownAcl;
|
|
Dacl:TWellKnownAcl;
|
|
Public variables
None defined
Function declarations
Security Functions
function IsWellKnownSid(Sid: PSID; WellKnownSidType: WELL_KNOWN_SID_TYPE): BOOL;
Description: To be documented
| Note | None documented |
|---|
function CreateWellKnownSid(WellKnownSidType: WELL_KNOWN_SID_TYPE; DomainSid: PSID; Sid: PSID; var cbSid: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function IsValidSid(Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function EqualSid(Sid1, Sid2: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function EqualPrefixSid(Sid1, Sid2: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSidLengthRequired(nSubAuthorityCount: UCHAR): DWORD;
Description: To be documented
| Note | None documented |
|---|
function AllocateAndInitializeSid(const pIdentifierAuthority: TSIDIdentifierAuthority; nSubAuthorityCount: Byte; nSubAuthority0, nSubAuthority1: DWORD; nSubAuthority2, nSubAuthority3, nSubAuthority4: DWORD; nSubAuthority5, nSubAuthority6, nSubAuthority7: DWORD; var Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function FreeSid(Sid: PSID): Pointer;
Description: To be documented
| Note | None documented |
|---|
function InitializeSid(Sid: PSID; const pIdentifierAuthority: TSIDIdentifierAuthority; nSubAuthorityCount: Byte): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSidIdentifierAuthority(Sid: PSID): PSIDIdentifierAuthority;
Description: To be documented
| Note | None documented |
|---|
function GetSidSubAuthority(Sid: PSID; nSubAuthority: DWORD): PDWORD;
Description: To be documented
| Note | None documented |
|---|
function GetSidSubAuthorityCount(Sid: PSID): PUCHAR;
Description: To be documented
| Note | None documented |
|---|
function GetLengthSid(Sid: PSID): DWORD;
Description: To be documented
| Note | None documented |
|---|
function CopySid(nDestinationSidLength: DWORD; pDestinationSid, pSourceSid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function ConvertSidToStringSid(Sid: PSID; var StringSid: PChar): BOOL;
Description: To be documented
| Note | None documented |
|---|
function ConvertStringSidToSid(StringSid: PChar; var Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function IsValidAcl(const pAcl: TACL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function InitializeAcl(var pAcl: TACL; nAclLength, dwAclRevision: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetAclInformation(const pAcl: TACL; pAclInformation: Pointer; nAclInformationLength: DWORD; dwAclInformationClass: TAclInformationClass): BOOL;
Description: To be documented
| Note | None documented |
|---|
function SetAclInformation(var pAcl: TACL; pAclInformation: Pointer; nAclInformationLength: DWORD; dwAclInformationClass: TAclInformationClass): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAce(var pAcl: TACL; dwAceRevision, dwStartingAceIndex: DWORD; pAceList: Pointer; nAceListLength: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function DeleteAce(var pAcl: TACL; dwAceIndex: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetAce(const pAcl: TACL; dwAceIndex: DWORD; var pAce: Pointer): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAccessAllowedAce(var pAcl: TACL; dwAceRevision: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAccessAllowedAceEx(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAccessDeniedAce(var pAcl: TACL; dwAceRevision: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAccessDeniedAceEx(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAuditAccessAce(var pAcl: TACL; dwAceRevision: DWORD; dwAccessMask: DWORD; Sid: PSID; bAuditSuccess, bAuditFailure: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAuditAccessAceEx(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; dwAccessMask: DWORD; Sid: PSID; bAuditSuccess, bAuditFailure: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAccessAllowedObjectAce(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; ObjectTypeGuid, InheritedObjectTypeGuid: PGUID; Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAccessDeniedObjectAce(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; ObjectTypeGuid, InheritedObjectTypeGuid: PGUID; Sid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function AddAuditAccessObjectAce(var pAcl: TACL; dwAceRevision: DWORD; AceFlags: DWORD; AccessMask: DWORD; ObjectTypeGuid, InheritedObjectTypeGuid: PGUID; Sid: PSID; bAuditSuccess, bAuditFailure: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function FindFirstFreeAce(var pAcl: TACL; var pAce: Pointer): BOOL;
Description: To be documented
| Note | None documented |
|---|
function InitializeSecurityDescriptor(pSecurityDescriptor: PSecurityDescriptor; dwRevision: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function IsValidSecurityDescriptor(pSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSecurityDescriptorLength(pSecurityDescriptor: PSecurityDescriptor): DWORD;
Description: To be documented
| Note | None documented |
|---|
function GetSecurityDescriptorControl(pSecurityDescriptor: PSecurityDescriptor; var pControl: SECURITY_DESCRIPTOR_CONTROL; var lpdwRevision: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function SetSecurityDescriptorControl(pSecurityDescriptor: PSecurityDescriptor; ControlBitsOfInterest, ControlBitsToSet: SECURITY_DESCRIPTOR_CONTROL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSecurityDescriptorDacl(pSecurityDescriptor: PSecurityDescriptor; var lpbDaclPresent: BOOL; var pDacl: PACL; var lpbDaclDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function SetSecurityDescriptorDacl(pSecurityDescriptor: PSecurityDescriptor; bDaclPresent: BOOL; pDacl: PACL; bDaclDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSecurityDescriptorSacl(pSecurityDescriptor: PSecurityDescriptor; var lpbSaclPresent: BOOL; var pSacl: PACL; var lpbSaclDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function SetSecurityDescriptorSacl(pSecurityDescriptor: PSecurityDescriptor; bSaclPresent: BOOL; pSacl: PACL; bSaclDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSecurityDescriptorOwner(pSecurityDescriptor: PSecurityDescriptor; var pOwner: PSID; var lpbOwnerDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function SetSecurityDescriptorOwner(pSecurityDescriptor: PSecurityDescriptor; pOwner: PSID; bOwnerDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function GetSecurityDescriptorGroup(pSecurityDescriptor: PSecurityDescriptor; var pGroup: PSID; var lpbGroupDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function SetSecurityDescriptorGroup(pSecurityDescriptor: PSecurityDescriptor; pGroup: PSID; bGroupDefaulted: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function MakeSelfRelativeSD(pAbsoluteSecurityDescriptor: PSecurityDescriptor; pSelfRelativeSecurityDescriptor: PSecurityDescriptor; var lpdwBufferLength: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function MakeAbsoluteSD(pSelfRelativeSecurityDescriptor: PSecurityDescriptor; pAbsoluteSecurityDescriptor: PSecurityDescriptor; var lpdwAbsoluteSecurityDescriptorSi: DWORD; var pDacl: TACL; var lpdwDaclSize: DWORD; var pSacl: TACL; var lpdwSaclSize: DWORD; pOwner: PSID; var lpdwOwnerSize: DWORD; pPrimaryGroup: PSID; var lpdwPrimaryGroupSize: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
function MakeAbsoluteSD2(pSelfRelativeSecurityDescriptor: PSecurityDescriptor; var lpdwBufferSize: DWORD): BOOL;
Description: To be documented
| Note | None documented |
|---|
Security helper functions
function SplitStringSid(const StringSid:String):TStringList;
Description: To be documented
| Note | None documented |
|---|
function CreateDefaultSid(var pCreatedSid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function DestroyDefaultSid(pDefaultSid: PSID): BOOL;
Description: To be documented
| Note | None documented |
|---|
function CreateDefaultSecurityDescriptor(var pCreatedSecurityDescriptor: PSecurityDescriptor; bFolder: BOOL): BOOL;
Description: To be documented
| Note | None documented |
|---|
function DestroyDefaultSecurityDescriptor(pDefaultSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
function CreateInheritedSecurityDescriptorNT(pParentSecurityDescriptor: PSecurityDescriptor; var pCreatedSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
function CreateInheritedSecurityDescriptor2K(pParentSecurityDescriptor: PSecurityDescriptor; var pCreatedSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
function CreateMergedSecurityDescriptor2K(pParentSecurityDescriptor, pChildSecurityDescriptor: PSecurityDescriptor; var pCreatedSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
function DestroyInheritedSecurityDescriptor(pInheritedSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
function DestroyMergedSecurityDescriptor(pMergedSecurityDescriptor: PSecurityDescriptor): BOOL;
Description: To be documented
| Note | None documented |
|---|
Return to Unit Reference
