From ba46c1b9a20d73e556e627316371dbfc0dd2471f Mon Sep 17 00:00:00 2001 From: Nadezhda Ivanova Date: Tue, 30 Jun 2009 15:50:05 +0300 Subject: [PATCH] Added default DACL to the security token structure. Added anum for inheritance flags. --- librpc/gen_ndr/security.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/librpc/gen_ndr/security.h b/librpc/gen_ndr/security.h index d1dcbe552a8..ab07363807e 100644 --- a/librpc/gen_ndr/security.h +++ b/librpc/gen_ndr/security.h @@ -76,6 +76,11 @@ #define STANDARD_RIGHTS_READ_ACCESS ( SEC_STD_READ_CONTROL ) #define STANDARD_RIGHTS_WRITE_ACCESS ( (SEC_STD_WRITE_OWNER|SEC_STD_WRITE_DAC|SEC_STD_DELETE) ) #define STANDARD_RIGHTS_REQUIRED_ACCESS ( (SEC_STD_DELETE|SEC_STD_READ_CONTROL|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER) ) +#define SEC_ADS_GENERIC_ALL_DS ( SEC_STD_DELETE|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_ADS_CREATE_CHILD|SEC_ADS_DELETE_CHILD|SEC_ADS_DELETE_TREE|SEC_ADS_CONTROL_ACCESS ) +#define SEC_ADS_GENERIC_EXECUTE ( SEC_STD_READ_CONTROL|SEC_ADS_LIST ) +#define SEC_ADS_GENERIC_WRITE ( SEC_STD_READ_CONTROL|SEC_ADS_SELF_WRITE|SEC_ADS_WRITE_PROP ) +#define SEC_ADS_GENERIC_READ ( SEC_STD_READ_CONTROL|SEC_ADS_LIST|SEC_ADS_READ_PROP|SEC_ADS_LIST_OBJECT ) +#define SEC_ADS_GENERIC_ALL ( SEC_ADS_GENERIC_EXECUTE|SEC_ADS_GENERIC_WRITE|SEC_ADS_GENERIC_READ|SEC_ADS_GENERIC_ALL_DS ) #define SID_NULL ( "S-1-0-0" ) #define NAME_WORLD ( "WORLD" ) #define SID_WORLD_DOMAIN ( "S-1-1" ) @@ -341,6 +346,7 @@ struct security_token { uint32_t num_sids; struct dom_sid **sids;/* [unique,size_is(num_sids)] */ uint64_t privilege_mask; + struct security_acl *default_dacl; }/* [public] */; /* bitmap security_secinfo */ @@ -360,4 +366,11 @@ struct security_token { #define KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 ( 0x00000008 ) #define KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 ( 0x00000010 ) +/* auto inherit flags */ +#define SEC_DACL_AUTO_INHERIT ( 0x00000001 ) +#define SEC_SACL_AUTO_INHERIT ( 0x00000002 ) +#define SEC_DEFAULT_DESCRIPTOR ( 0x00000004 ) +#define SEC_OWNER_FROM_PARENT ( 0x00000008 ) +#define SEC_GROUP_FROM_PARENT ( 0x00000010 ) + #endif /* _HEADER_security */ -- 2.11.4.GIT