2 * security-api.h: some miscellaneous security-related helper functions,
3 * defined in utils/security.c, that use the advapi32 library. Also
4 * centralises the machinery for dynamically loading that library.
10 * Functions loaded from advapi32.dll.
12 DECL_WINDOWS_FUNCTION(extern, BOOL
, OpenProcessToken
,
13 (HANDLE
, DWORD
, PHANDLE
));
14 DECL_WINDOWS_FUNCTION(extern, BOOL
, GetTokenInformation
,
15 (HANDLE
, TOKEN_INFORMATION_CLASS
,
16 LPVOID
, DWORD
, PDWORD
));
17 DECL_WINDOWS_FUNCTION(extern, BOOL
, InitializeSecurityDescriptor
,
18 (PSECURITY_DESCRIPTOR
, DWORD
));
19 DECL_WINDOWS_FUNCTION(extern, BOOL
, SetSecurityDescriptorOwner
,
20 (PSECURITY_DESCRIPTOR
, PSID
, BOOL
));
21 DECL_WINDOWS_FUNCTION(extern, DWORD
, GetSecurityInfo
,
22 (HANDLE
, SE_OBJECT_TYPE
, SECURITY_INFORMATION
,
23 PSID
*, PSID
*, PACL
*, PACL
*,
24 PSECURITY_DESCRIPTOR
*));
25 DECL_WINDOWS_FUNCTION(extern, DWORD
, SetSecurityInfo
,
26 (HANDLE
, SE_OBJECT_TYPE
, SECURITY_INFORMATION
,
27 PSID
, PSID
, PACL
, PACL
));
28 DECL_WINDOWS_FUNCTION(extern, DWORD
, SetEntriesInAclA
,
29 (ULONG
, PEXPLICIT_ACCESS
, PACL
, PACL
*));
30 bool got_advapi(void);
33 * Find the SID describing the current user. The return value (if not
34 * NULL for some error-related reason) is smalloced.
36 PSID
get_user_sid(void);
39 * Construct a PSECURITY_DESCRIPTOR of the type used for named pipe
40 * servers, i.e. allowing access only to the current user id and also
41 * only local (i.e. not over SMB) connections.
43 * If this function returns true, then 'psd' and 'acl' will have been
44 * filled in with memory allocated using LocalAlloc (and hence must be
45 * freed later using LocalFree). If it returns false, then instead
46 * 'error' has been filled with a dynamically allocated error message.
48 bool make_private_security_descriptor(
49 DWORD permissions
, PSECURITY_DESCRIPTOR
*psd
, PACL
*acl
, char **error
);