Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-03 17:56:00 +00:00
Code Issues Projects Releases Packages Wiki Activity

Create missing default DACLs.

Browse source 
svn path=/trunk/; revision=10184
This commit is contained in:
Eric Kohl 2004-07-17 20:32:11 +00:00
parent 349c610706
commit 23dac2681b
1 changed files with 77 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

82
reactos/ntoskrnl/se/acl.c
View file

@ -1,4 +1,4 @@
/* $Id: acl.c,v 1.17 2004/02/02 20:59:46 ekohl Exp $ /* $Id: acl.c,v 1.18 2004/07/17 20:32:11 ekohl Exp $
* *
* COPYRIGHT: See COPYING in the top level directory * COPYRIGHT: See COPYING in the top level directory
* PROJECT: ReactOS kernel * PROJECT: ReactOS kernel
@ -51,7 +51,7 @@ SepInitDACLs(VOID)
AclLength2, AclLength2,
TAG_ACL); TAG_ACL);
if (SePublicDefaultDacl == NULL) if (SePublicDefaultDacl == NULL)
return(FALSE); return FALSE;
RtlCreateAcl(SePublicDefaultDacl, RtlCreateAcl(SePublicDefaultDacl,
AclLength2, AclLength2,
@ -73,7 +73,7 @@ SepInitDACLs(VOID)
AclLength4, AclLength4,
TAG_ACL); TAG_ACL);
if (SePublicDefaultUnrestrictedDacl == NULL) if (SePublicDefaultUnrestrictedDacl == NULL)
return(FALSE); return FALSE;
RtlCreateAcl(SePublicDefaultUnrestrictedDacl, RtlCreateAcl(SePublicDefaultUnrestrictedDacl,
AclLength4, AclLength4,
@ -96,7 +96,7 @@ SepInitDACLs(VOID)
RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl, RtlAddAccessAllowedAce(SePublicDefaultUnrestrictedDacl,
ACL_REVISION, ACL_REVISION,
GENERIC_READ | GENERIC_EXECUTE | STANDARD_RIGHTS_READ, GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL,
SeRestrictedCodeSid); SeRestrictedCodeSid);
/* create PublicOpenDacl */ /* create PublicOpenDacl */
@ -104,7 +104,7 @@ SepInitDACLs(VOID)
AclLength3, AclLength3,
TAG_ACL); TAG_ACL);
if (SePublicOpenDacl == NULL) if (SePublicOpenDacl == NULL)
return(FALSE); return FALSE;
RtlCreateAcl(SePublicOpenDacl, RtlCreateAcl(SePublicOpenDacl,
AclLength3, AclLength3,
@ -125,6 +125,78 @@ SepInitDACLs(VOID)
GENERIC_ALL, GENERIC_ALL,
SeAliasAdminsSid); SeAliasAdminsSid);
/* create PublicOpenUnrestrictedDacl */
SePublicOpenUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
AclLength4,
TAG_ACL);
if (SePublicOpenUnrestrictedDacl == NULL)
return FALSE;
RtlCreateAcl(SePublicOpenUnrestrictedDacl,
AclLength4,
ACL_REVISION);
RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
ACL_REVISION,
GENERIC_ALL,
SeWorldSid);
RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
ACL_REVISION,
GENERIC_ALL,
SeLocalSystemSid);
RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
ACL_REVISION,
GENERIC_ALL,
SeAliasAdminsSid);
RtlAddAccessAllowedAce(SePublicOpenUnrestrictedDacl,
ACL_REVISION,
GENERIC_READ | GENERIC_EXECUTE,
SeRestrictedCodeSid);
/* create SystemDefaultDacl */
SeSystemDefaultDacl = ExAllocatePoolWithTag(NonPagedPool,
AclLength2,
TAG_ACL);
if (SeSystemDefaultDacl == NULL)
return FALSE;
RtlCreateAcl(SeSystemDefaultDacl,
AclLength2,
ACL_REVISION);
RtlAddAccessAllowedAce(SeSystemDefaultDacl,
ACL_REVISION,
GENERIC_ALL,
SeLocalSystemSid);
RtlAddAccessAllowedAce(SeSystemDefaultDacl,
ACL_REVISION,
GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL,
SeAliasAdminsSid);
/* create UnrestrictedDacl */
SeUnrestrictedDacl = ExAllocatePoolWithTag(NonPagedPool,
AclLength2,
TAG_ACL);
if (SeUnrestrictedDacl == NULL)
return FALSE;
RtlCreateAcl(SeUnrestrictedDacl,
AclLength2,
ACL_REVISION);
RtlAddAccessAllowedAce(SeUnrestrictedDacl,
ACL_REVISION,
GENERIC_ALL,
SeWorldSid);
RtlAddAccessAllowedAce(SeUnrestrictedDacl,
ACL_REVISION,
GENERIC_READ | GENERIC_EXECUTE,
SeRestrictedCodeSid);
return(TRUE); return(TRUE);
} }