Added some more security functions

svn path=/trunk/; revision=1106

reactos/include/ddk/sefuncs.h

@@ -1,6 +1,6 @@
 #ifndef _INCLUDE_DDK_SEFUNCS_H
 #define _INCLUDE_DDK_SEFUNCS_H
-/* $Id: sefuncs.h,v 1.8 2000/04/05 15:47:40 ekohl Exp $ */
+/* $Id: sefuncs.h,v 1.9 2000/04/06 02:27:17 ekohl Exp $ */
 NTSTATUS STDCALL RtlCreateAcl(PACL Acl, ULONG AclSize, ULONG AclRevision);
 NTSTATUS STDCALL RtlQueryInformationAcl (PACL Acl, PVOID Information, ULONG InformationLength, ACL_INFORMATION_CLASS InformationClass);
 NTSTATUS STDCALL RtlSetInformationAcl (PACL Acl, PVOID Information, ULONG InformationLength, ACL_INFORMATION_CLASS InformationClass);
@@ -15,6 +15,7 @@ BOOLEAN STDCALL RtlFirstFreeAce(PACL Acl, PACE* Ace);
 NTSTATUS STDCALL RtlGetAce(PACL Acl, ULONG AceIndex, PACE *Ace);
 
 NTSTATUS STDCALL RtlAbsoluteToSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD, PSECURITY_DESCRIPTOR RelSD, PULONG BufferLength);
+NTSTATUS STDCALL RtlMakeSelfRelativeSD (PSECURITY_DESCRIPTOR AbsSD, PSECURITY_DESCRIPTOR RelSD, PULONG BufferLength);
 NTSTATUS STDCALL RtlCreateSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, ULONG Revision);
 BOOLEAN STDCALL RtlValidSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor);
 ULONG STDCALL RtlLengthSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor);
@@ -24,6 +25,20 @@ NTSTATUS STDCALL RtlSetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDes
 NTSTATUS STDCALL RtlGetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID* Owner, PBOOLEAN OwnerDefaulted);
 NTSTATUS STDCALL RtlSetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID Group, BOOLEAN GroupDefaulted);
 NTSTATUS STDCALL RtlGetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSID* Group, PBOOLEAN GroupDefaulted);
+NTSTATUS STDCALL RtlGetControlSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PSECURITY_DESCRIPTOR_CONTROL Control, PULONG Revision);
+NTSTATUS STDCALL RtlSetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, BOOLEAN SaclPresent, PACL Sacl, BOOLEAN SaclDefaulted);
+NTSTATUS STDCALL RtlGetSaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescriptor, PBOOLEAN SaclPresent, PACL* Sacl, PBOOLEAN SaclDefauted);
+NTSTATUS STDCALL RtlSelfRelativeToAbsoluteSD (PSECURITY_DESCRIPTOR RelSD,
+					      PSECURITY_DESCRIPTOR AbsSD,
+					      LPDWORD AbsSDSize,
+					      PACL Dacl,
+					      LPDWORD DaclSize,
+					      PACL Sacl,
+					      LPDWORD SaclSize,
+					      PSID Owner,
+					      LPDWORD OwnerSize,
+					      PSID Group,
+					      LPDWORD GroupSize);
 
 NTSTATUS STDCALL RtlAllocateAndInitializeSid (PSID_IDENTIFIER_AUTHORITY IdentifierAuthority,
 					      UCHAR SubAuthorityCount,
@@ -49,6 +64,10 @@ PULONG STDCALL RtlSubAuthoritySid (PSID Sid, ULONG SubAuthority);
 PUCHAR STDCALL RtlSubAuthorityCountSid (PSID Sid);
 BOOLEAN STDCALL RtlValidSid (PSID Sid);
 
+BOOLEAN STDCALL RtlAreAllAccessesGranted (ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess);
+BOOLEAN STDCALL RtlAreAnyAccessesGranted (ACCESS_MASK GrantedAccess, ACCESS_MASK DesiredAccess);
+VOID STDCALL RtlMapGenericMask (PACCESS_MASK AccessMask, PGENERIC_MAPPING GenericMapping);
+
 BOOLEAN STDCALL SeAccessCheck (IN PSECURITY_DESCRIPTOR SecurityDescriptor,
 		      IN PSECURITY_SUBJECT_CONTEXT SubjectSecurityContext,
 		      IN BOOLEAN SubjectContextLocked,

reactos/include/security.h

@@ -28,16 +28,16 @@ typedef ULONG TOKEN_TYPE, *PTOKEN_TYPE;
 #define TokenPrimary           ((TOKEN_TYPE)1)
 #define TokenImpersonation     ((TOKEN_TYPE)2)
 
-typedef ULONG ACCESS_MASK;
+typedef ULONG ACCESS_MASK, *PACCESS_MASK;
 typedef ULONG ACCESS_MODE, *PACCESS_MODE;
 
-typedef struct _SECURITY_QUALITY_OF_SERVICE { 
+typedef struct _SECURITY_QUALITY_OF_SERVICE {
-  DWORD Length; 
+  DWORD Length;
-  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; 
+  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
   /* SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode; */
-  WINBOOL ContextTrackingMode; 
+  WINBOOL ContextTrackingMode;
-  BOOLEAN EffectiveOnly; 
+  BOOLEAN EffectiveOnly;
-} SECURITY_QUALITY_OF_SERVICE; 
+} SECURITY_QUALITY_OF_SERVICE;
 
 typedef SECURITY_QUALITY_OF_SERVICE* PSECURITY_QUALITY_OF_SERVICE;
 
@@ -61,7 +61,7 @@ typedef struct _SID_IDENTIFIER_AUTHORITY
 
 #define SECURITY_WORLD_SID_AUTHORITY      {0,0,0,0,0,1}
 
-typedef struct _SID 
+typedef struct _SID
 {
    UCHAR  Revision;
    UCHAR  SubAuthorityCount;

reactos/lib/advapi32/advapi32.edf

@@ -1,4 +1,4 @@
-; $Id: advapi32.edf,v 1.7 2000/04/05 01:40:35 ekohl Exp $
+; $Id: advapi32.edf,v 1.8 2000/04/06 02:29:43 ekohl Exp $
 ;
 ; advapi32.def
 ;
@@ -151,7 +151,7 @@ GetSecurityDescriptorDacl=GetSecurityDescriptorDacl@16
 GetSecurityDescriptorGroup=GetSecurityDescriptorGroup@12
 GetSecurityDescriptorLength=GetSecurityDescriptorLength@4
 GetSecurityDescriptorOwner=GetSecurityDescriptorOwner@12
-;GetSecurityDescriptorSacl=GetSecurityDescriptorSacl@16
+GetSecurityDescriptorSacl=GetSecurityDescriptorSacl@16
 ;GetSecurityInfo=GetSecurityInfo@32
 GetServiceDisplayNameA=GetServiceDisplayNameA@16
 GetServiceDisplayNameW=GetServiceDisplayNameW@16
@@ -250,8 +250,8 @@ LockServiceDatabase=LockServiceDatabase@4
 ;LsaSetSystemAccessAccount=LsaSetSystemAccessAccount@8
 ;LsaSetTrustedDomainInformation=LsaSetTrustedDomainInformation@16
 ;LsaStorePrivateData=LsaStorePrivateData@12
-;MakeAbsoluteSD=MakeAbsoluteSD@44
+MakeAbsoluteSD=MakeAbsoluteSD@44
-;MakeSelfRelativeSD=MakeSelfRelativeSD@12
+MakeSelfRelativeSD=MakeSelfRelativeSD@12
 ;MapGenericMask=MapGenericMask@8
 ;NTAccessMaskToProvAccessRights=NTAccessMaskToProvAccessRights@12
 ;NotifyBootConfigStatus=NotifyBootConfigStatus@4
@@ -359,7 +359,7 @@ SetAclInformation=SetAclInformation@16
 SetSecurityDescriptorDacl=SetSecurityDescriptorDacl@16
 SetSecurityDescriptorGroup=SetSecurityDescriptorGroup@12
 SetSecurityDescriptorOwner=SetSecurityDescriptorOwner@12
-;SetSecurityDescriptorSacl=SetSecurityDescriptorSacl@16
+SetSecurityDescriptorSacl=SetSecurityDescriptorSacl@16
 ;SetSecurityInfo=SetSecurityInfo@28
 ;SetServiceBits=SetServiceBits@16
 SetServiceObjectSecurity=SetServiceObjectSecurity@12

reactos/lib/advapi32/sec/sec.c

@@ -21,12 +21,11 @@ GetSecurityDescriptorControl (
 	LPDWORD				lpdwRevision
 	)
 {
-#if 0
 	NTSTATUS Status;
 
 	Status = RtlGetControlSecurityDescriptor (pSecurityDescriptor,
 	                                          pControl,
-	                                          lpdwRevision);
+	                                          (PULONG)lpdwRevision);
 	if (!NT_SUCCESS(Status))
 	{
 		SetLastError (RtlNtStatusToDosError (Status));
@@ -34,10 +33,6 @@ GetSecurityDescriptorControl (
 	}
 
 	return TRUE;
-#endif
-
-	SetLastError(ERROR_CALL_NOT_IMPLEMENTED);
-	return FALSE;
 }
 
 
@@ -133,7 +128,34 @@ GetSecurityDescriptorOwner (
 }
 
 
-/* GetSecurityDescriptorSacl */
+BOOL
+STDCALL
+GetSecurityDescriptorSacl (
+	PSECURITY_DESCRIPTOR	pSecurityDescriptor,
+	LPBOOL			lpbSaclPresent,
+	PACL			*pSacl,
+	LPBOOL			lpbSaclDefaulted
+	)
+{
+	BOOLEAN SaclPresent;
+	BOOLEAN SaclDefaulted;
+	NTSTATUS Status;
+
+	Status = RtlGetSaclSecurityDescriptor (pSecurityDescriptor,
+	                                       &SaclPresent,
+	                                       pSacl,
+	                                       &SaclDefaulted);
+	*lpbSaclPresent = (BOOL)SaclPresent;
+	*lpbSaclDefaulted = (BOOL)SaclDefaulted;
+
+	if (!NT_SUCCESS(Status))
+	{
+		SetLastError (RtlNtStatusToDosError (Status));
+		return FALSE;
+	}
+
+	return TRUE;
+}
 
 
 BOOL
@@ -162,13 +184,75 @@ IsValidSecurityDescriptor (
 	PSECURITY_DESCRIPTOR	pSecurityDescriptor
 	)
 {
-	BOOL Result;
+	BOOLEAN Result;
 
 	Result = RtlValidSecurityDescriptor (pSecurityDescriptor);
 	if (Result == FALSE)
 		SetLastError (RtlNtStatusToDosError (STATUS_INVALID_SECURITY_DESCR));
 
-	return Result;
+	return (BOOL)Result;
+}
+
+
+WINBOOL
+STDCALL
+MakeAbsoluteSD (
+	PSECURITY_DESCRIPTOR	pSelfRelativeSecurityDescriptor,
+	PSECURITY_DESCRIPTOR	pAbsoluteSecurityDescriptor,
+	LPDWORD			lpdwAbsoluteSecurityDescriptorSize,
+	PACL			pDacl,
+	LPDWORD			lpdwDaclSize,
+	PACL			pSacl,
+	LPDWORD			lpdwSaclSize,
+	PSID			pOwner,
+	LPDWORD			lpdwOwnerSize,
+	PSID			pPrimaryGroup,
+	LPDWORD			lpdwPrimaryGroupSize
+	)
+{
+	NTSTATUS Status;
+
+	Status = RtlSelfRelativeToAbsoluteSD (pSelfRelativeSecurityDescriptor,
+	                                      pAbsoluteSecurityDescriptor,
+	                                      lpdwAbsoluteSecurityDescriptorSize,
+	                                      pDacl,
+	                                      lpdwDaclSize,
+	                                      pSacl,
+	                                      lpdwSaclSize,
+	                                      pOwner,
+	                                      lpdwOwnerSize,
+	                                      pPrimaryGroup,
+	                                      lpdwPrimaryGroupSize);
+	if (!NT_SUCCESS(Status))
+	{
+		SetLastError (RtlNtStatusToDosError (Status));
+		return FALSE;
+	}
+
+	return TRUE;
+}
+
+
+WINBOOL
+STDCALL
+MakeSelfRelativeSD (
+	PSECURITY_DESCRIPTOR	pAbsoluteSecurityDescriptor,
+	PSECURITY_DESCRIPTOR	pSelfRelativeSecurityDescriptor,
+	LPDWORD			lpdwBufferLength
+	)
+{
+	NTSTATUS Status;
+
+	Status = RtlAbsoluteToSelfRelativeSD (pAbsoluteSecurityDescriptor,
+	                                      pSelfRelativeSecurityDescriptor,
+	                                      (PULONG)lpdwBufferLength);
+	if (!NT_SUCCESS(Status))
+	{
+		SetLastError (RtlNtStatusToDosError (Status));
+		return FALSE;
+	}
+
+	return TRUE;
 }
 
 
@@ -243,7 +327,28 @@ SetSecurityDescriptorOwner (
 }
 
 
-/* SetSecurityDescriptorSacl */
+BOOL
+STDCALL
+SetSecurityDescriptorSacl (
+	PSECURITY_DESCRIPTOR	pSecurityDescriptor,
+	BOOL			bSaclPresent,
+	PACL			pSacl,
+	BOOL			bSaclDefaulted
+	)
+{
+	NTSTATUS Status;
 
+	Status = RtlSetSaclSecurityDescriptor (pSecurityDescriptor,
+	                                       bSaclPresent,
+	                                       pSacl,
+	                                       bSaclDefaulted);
+	if (!NT_SUCCESS(Status))
+	{
+		SetLastError (RtlNtStatusToDosError (Status));
+		return FALSE;
+	}
+
+	return TRUE;
+}
 
 /* EOF */

reactos/lib/ntdll/def/ntdll.def

@@ -1,4 +1,4 @@
-; $Id: ntdll.def,v 1.49 2000/04/05 01:38:50 ekohl Exp $
+; $Id: ntdll.def,v 1.50 2000/04/06 02:28:45 ekohl Exp $
 ;
 ; ReactOS Operating System
 ;
@@ -253,8 +253,8 @@ RtlAppendUnicodeStringToString@12
 RtlAppendUnicodeToString@12
 ;RtlApplyRXact
 ;RtlApplyRXactNoFlush
-;RtlAreAllAccessesGranted
+RtlAreAllAccessesGranted@8
-;RtlAreAnyAccessesGranted
+RtlAreAnyAccessesGranted@8
 RtlAreBitsClear@12
 RtlAreBitsSet@12
 ;RtlAssert
@@ -384,7 +384,7 @@ RtlGetLongestNtPathLength@0
 RtlGetOwnerSecurityDescriptor@12
 ;RtlGetProcessHeaps
 RtlGetProcessHeap@0
-;RtlGetSaclSecurityDescriptor
+RtlGetSaclSecurityDescriptor@16
 ;RtlGetUserInfoHeap
 ;RtlGuidToPropertySetName
 RtlIdentifierAuthoritySid@4
@@ -432,8 +432,8 @@ RtlLengthSid@4
 RtlLockHeap@4
 ;RtlLookupAtomInAtomTable
 ;RtlLookupElementGenericTable
-;RtlMakeSelfRelativeSD
+RtlMakeSelfRelativeSD@12
-;RtlMapGenericMask
+RtlMapGenericMask@8
 RtlMoveMemory@12
 RtlMultiByteToUnicodeN@20
 RtlMultiByteToUnicodeSize@12
@@ -484,7 +484,7 @@ RtlReleasePebLock@0
 ;RtlRunEncodeUnicodeString
 RtlSecondsSince1970ToTime@8
 RtlSecondsSince1980ToTime@8
-;RtlSelfRelatedToAbsoluteSD
+RtlSelfRelativeToAbsoluteSD@44
 RtlSetAllBits@4
 ;RtlSetAttributesSecurityDescriptor
 RtlSetBits@12
@@ -498,7 +498,7 @@ RtlSetOwnerSecurityDescriptor@12
 ;RtlSetProperties
 ;RtlSetPropertyNames
 ;RtlSetPropertySetClassId
-;RtlSetSaclSecurityDescriptor
+RtlSetSaclSecurityDescriptor@16
 ;RtlSetSecurityObject
 ;RtlSetTimeZoneInformation
 ;RtlSetUnicodeCallouts

reactos/lib/ntdll/def/ntdll.edf

@@ -1,4 +1,4 @@
-; $Id: ntdll.edf,v 1.38 2000/04/05 01:38:50 ekohl Exp $
+; $Id: ntdll.edf,v 1.39 2000/04/06 02:28:45 ekohl Exp $
 ;
 ; ReactOS Operating System
 ;
@@ -236,6 +236,8 @@ RtlAnsiStringToUnicodeSize=RtlAnsiStringToUnicodeSize@4
 RtlAnsiStringToUnicodeString=RtlAnsiStringToUnicodeString@12
 RtlAppendUnicodeStringToString=RtlAppendUnicodeStringToString@8
 RtlAppendUnicodeToString=RtlAppendUnicodeToString@8
+RtlAreAllAccessesGranted=RtlAreAllAccessesGranted@8
+RtlAreAnyAccessesGranted=RtlAreAnyAccessesGranted@8
 RtlAreBitsClear=RtlAreBitsClear@12
 RtlAreBitsSet=RtlAreBitsSet@12
 RtlCharToInteger=RtlCharToInteger@12
@@ -306,6 +308,7 @@ RtlGetGroupSecurityDescriptor=RtlGetGroupSecurityDescriptor@12
 RtlGetLongestNtPathLength=RtlGetLongestNtPathLength@0
 RtlGetOwnerSecurityDescriptor=RtlGetOwnerSecurityDescriptor@12
 RtlGetProcessHeap=RtlGetProcessHeap@0
+RtlGetSaclSecurityDescriptor=RtlGetSaclSecurityDescriptor@16
 RtlIdentifierAuthoritySid=RtlIdentifierAuthoritySid@4
 RtlImageDirectoryEntryToData=RtlImageDirectoryEntryToData@16
 RtlImageNtHeader=RtlImageNtHeader@4
@@ -334,6 +337,8 @@ RtlLengthRequiredSid=RtlLengthRequiredSid@4
 RtlLengthSecurityDescriptor=RtlLengthSecurityDescriptor@4
 RtlLengthSid=RtlLengthSid@4
 RtlLockHeap=RtlLockHeap@4
+RtlMakeSelfRelativeSD=RtlMakeSelfRelativeSD@12
+RtlMapGenericMask=RtlMapGenericMask@8
 RtlMoveMemory=RtlMoveMemory@12
 RtlMultiByteToUnicodeN=RtlMultiByteToUnicodeN@20
 RtlMultiByteToUnicodeSize=RtlMultiByteToUnicodeSize@12
@@ -351,6 +356,7 @@ RtlReAllocateHeap=RtlReAllocateHeap@16
 RtlReleasePebLock=RtlReleasePebLock@0
 RtlSecondsSince1970ToTime=RtlSecondsSince1970ToTime@8
 RtlSecondsSince1980ToTime=RtlSecondsSince1980ToTime@8
+RtlSelfRelativeToAbsoluteSD=RtlSelfRelativeToAbsoluteSD@44
 RtlSetAllBits=RtlSetAllBits@4
 RtlSetBits=RtlSetBits@12
 RtlSetCurrentDirectory_U=RtlSetCurrentDirectory_U@4
@@ -360,6 +366,7 @@ RtlSetEnvironmentVariable=RtlSetEnvironmentVariable@12
 RtlSetGroupSecurityDescriptor=RtlSetGroupSecurityDescriptor@12
 RtlSetInformationAcl=RtlSetInformationAcl@16
 RtlSetOwnerSecurityDescriptor=RtlSetOwnerSecurityDescriptor@12
+RtlSetSaclSecurityDescriptor=RtlSetSaclSecurityDescriptor@16
 RtlSizeHeap=RtlSizeHeap@12
 RtlSubAuthorityCountSid=RtlSubAuthorityCountSid@4
 RtlSubAuthoritySid=RtlSubAuthoritySid@8

reactos/lib/ntdll/makefile

@@ -1,4 +1,4 @@
-# $Id: makefile,v 1.42 2000/03/18 13:57:43 ekohl Exp $
+# $Id: makefile,v 1.43 2000/04/06 02:28:27 ekohl Exp $
 #
 # ReactOS Operating System
 #
@@ -30,7 +30,8 @@ DBG_OBJECTS = dbg/brkpoint.o dbg/print.o
 RTL_OBJECTS = rtl/critical.o rtl/error.o rtl/heap.o rtl/largeint.o \
               rtl/math.o rtl/mem.o rtl/nls.o rtl/process.o rtl/sd.o \
               rtl/thread.o rtl/unicode.o rtl/env.o rtl/path.o rtl/ppb.o \
-              rtl/bitmap.o rtl/time.o rtl/acl.o rtl/sid.o rtl/image.o
+              rtl/bitmap.o rtl/time.o rtl/acl.o rtl/sid.o rtl/image.o \
+              rtl/access.o
 
 STDIO_OBJECTS = stdio/sprintf.o stdio/swprintf.o
 

reactos/lib/ntdll/rtl/access.c

@@ -0,0 +1,64 @@
+/* $Id: access.c,v 1.1 2000/04/06 02:29:16 ekohl Exp $
+ *
+ * COPYRIGHT:         See COPYING in the top level directory
+ * PROJECT:           ReactOS kernel
+ * PURPOSE:           Access rights handling functions
+ * FILE:              lib/ntdll/rtl/access.c
+ * PROGRAMER:         Eric Kohl <ekohl@rz-online.de>
+ * REVISION HISTORY:
+ *                    06/04/2000: Created
+ */
+
+/* INCLUDES *****************************************************************/
+
+#include <ddk/ntddk.h>
+
+#include <ntdll/ntdll.h>
+
+/* FUNCTIONS ***************************************************************/
+
+BOOLEAN
+STDCALL
+RtlAreAllAccessesGranted (
+	ACCESS_MASK	GrantedAccess,
+	ACCESS_MASK	DesiredAccess
+	)
+{
+	return ((GrantedAccess & DesiredAccess) == DesiredAccess);
+}
+
+
+BOOLEAN
+STDCALL
+RtlAreAnyAccessesGranted (
+	ACCESS_MASK	GrantedAccess,
+	ACCESS_MASK	DesiredAccess
+	)
+{
+	return ((GrantedAccess & DesiredAccess) != 0);
+}
+
+
+VOID
+STDCALL
+RtlMapGenericMask (
+	PACCESS_MASK		AccessMask,
+	PGENERIC_MAPPING	GenericMapping
+	)
+{
+	if (*AccessMask & GENERIC_READ)
+		*AccessMask |= GenericMapping->GenericRead;
+
+	if (*AccessMask & GENERIC_WRITE)
+		*AccessMask |= GenericMapping->GenericWrite;
+
+	if (*AccessMask & GENERIC_EXECUTE)
+		*AccessMask |= GenericMapping->GenericExecute;
+
+	if (*AccessMask & GENERIC_ALL)
+		*AccessMask |= GenericMapping->GenericAll;
+
+	*AccessMask &= 0x0FFFFFFF;
+}
+
+/* EOF */

reactos/lib/ntdll/rtl/sd.c

@@ -1,4 +1,4 @@
-/* $Id: sd.c,v 1.2 2000/03/12 01:17:59 ekohl Exp $
+/* $Id: sd.c,v 1.3 2000/04/06 02:29:16 ekohl Exp $
  *
  * COPYRIGHT:         See COPYING in the top level directory
  * PROJECT:           ReactOS kernel
@@ -41,9 +41,9 @@ ULONG STDCALL RtlLengthSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDescript
    ULONG Length;
    PACL Dacl;
    PACL Sacl;
-   
+
    Length = sizeof(SECURITY_DESCRIPTOR);
-   
+
    if (SecurityDescriptor->Owner != NULL)
      {
 	Owner = SecurityDescriptor->Owner;
@@ -153,7 +153,7 @@ NTSTATUS STDCALL RtlSetDaclSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDesc
    SecurityDescriptor->Control = SecurityDescriptor->Control & ~(0x8);
    if (DaclDefaulted)
      {
-	SecurityDescriptor->Control = SecurityDescriptor->Control | 0x80;
+	SecurityDescriptor->Control = SecurityDescriptor->Control | 0x8;
      }
    return(STATUS_SUCCESS);
 }
@@ -275,7 +275,6 @@ NTSTATUS STDCALL RtlGetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR SecurityDes
    return(STATUS_SUCCESS);
 }
 
-
 NTSTATUS
 STDCALL
 RtlMakeSelfRelativeSD (
@@ -284,12 +283,9 @@ RtlMakeSelfRelativeSD (
 	PULONG			BufferLength
 	)
 {
-
    UNIMPLEMENTED;
-
 }
 
-
 NTSTATUS
 STDCALL
 RtlAbsoluteToSelfRelativeSD (
@@ -306,7 +302,6 @@ RtlAbsoluteToSelfRelativeSD (
 	return (RtlMakeSelfRelativeSD (AbsSD, RelSD, BufferLength));
 }
 
-
 NTSTATUS
 STDCALL
 RtlGetControlSecurityDescriptor (
@@ -325,4 +320,100 @@ RtlGetControlSecurityDescriptor (
 	return STATUS_SUCCESS;
 }
 
+NTSTATUS
+STDCALL
+RtlGetSaclSecurityDescriptor (
+	PSECURITY_DESCRIPTOR	SecurityDescriptor,
+	PBOOLEAN		SaclPresent,
+	PACL			*Sacl,
+	PBOOLEAN		SaclDefaulted)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (!(SecurityDescriptor->Control & SE_SACL_PRESENT))
+     {
+	*SaclPresent = 0;
+	return(STATUS_SUCCESS);
+     }
+   *SaclPresent = 1;
+   if (SecurityDescriptor->Sacl == NULL)
+     {
+	*Sacl = NULL;
+     }
+   else
+     {
+	if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
+	  {
+	     *Sacl = (PACL)((ULONG)SecurityDescriptor->Sacl +
+			    (PVOID)SecurityDescriptor);
+	  }
+	else
+	  {
+	     *Sacl = SecurityDescriptor->Sacl;
+	  }
+     }
+   if (SecurityDescriptor->Control & SE_SACL_DEFAULTED)
+     {
+	*SaclDefaulted = 1;
+     }
+   else
+     {
+	*SaclDefaulted = 0;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS
+STDCALL
+RtlSetSaclSecurityDescriptor (
+	PSECURITY_DESCRIPTOR	SecurityDescriptor,
+	BOOLEAN			SaclPresent,
+	PACL			Sacl,
+	BOOLEAN			SaclDefaulted
+	)
+{
+   if (SecurityDescriptor->Revision != 1)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (SecurityDescriptor->Control & SE_SELF_RELATIVE)
+     {
+	return(STATUS_UNSUCCESSFUL);
+     }
+   if (!SaclPresent)
+     {
+	SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_PRESENT);
+	return(STATUS_SUCCESS);
+     }
+   SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_PRESENT;
+   SecurityDescriptor->Sacl = Sacl;
+   SecurityDescriptor->Control = SecurityDescriptor->Control & ~(SE_SACL_DEFAULTED);
+   if (SaclDefaulted)
+     {
+	SecurityDescriptor->Control = SecurityDescriptor->Control | SE_SACL_DEFAULTED;
+     }
+   return(STATUS_SUCCESS);
+}
+
+NTSTATUS
+STDCALL
+RtlSelfRelativeToAbsoluteSD (
+	PSECURITY_DESCRIPTOR	RelSD,
+	PSECURITY_DESCRIPTOR	AbsSD,
+	LPDWORD			AbsSDSize,
+	PACL			Dacl,
+	LPDWORD			DaclSize,
+	PACL			Sacl,
+	LPDWORD			SaclSize,
+	PSID			Owner,
+	LPDWORD			OwnerSize,
+	PSID			Group,
+	LPDWORD			GroupSize
+	)
+{
+   UNIMPLEMENTED;
+}
+
 /* EOF */