branch update for HEAD-2003021201
[reactos.git] / include / ntos / security.h
1 #ifndef __INCLUDE_SECURITY_H
2 #define __INCLUDE_SECURITY_H
3
4 #include <ntos/ntdef.h>
5 #include <ntos/types.h>
6
7 /* Privileges */
/*
 * Well-known privilege numbers. They run consecutively from
 * SE_MIN_WELL_KNOWN_PRIVILEGE (2) to SE_MAX_WELL_KNOWN_PRIVILEGE (24);
 * 0 and 1 are not assigned here. Code that takes a privilege number from a
 * caller should range-check it against the MIN/MAX pair before using it.
 *
 * NOTE(review): the names presumably carry the same meaning as the Windows NT
 * privileges of the same names - confirm against the Se* implementation.
 * If so, SE_CREATE_TOKEN, SE_ASSIGNPRIMARYTOKEN, SE_TCB, SE_TAKE_OWNERSHIP,
 * SE_LOAD_DRIVER, SE_BACKUP, SE_RESTORE and SE_DEBUG each amount to control
 * of the whole system, so granting or enabling them is worth auditing.
 */
8 #define SE_MIN_WELL_KNOWN_PRIVILEGE             (2L)
9 #define SE_CREATE_TOKEN_PRIVILEGE               (2L)
10 #define SE_ASSIGNPRIMARYTOKEN_PRIVILEGE         (3L)
11 #define SE_LOCK_MEMORY_PRIVILEGE                (4L)
12 #define SE_INCREASE_QUOTA_PRIVILEGE             (5L)
13 #define SE_UNSOLICITED_INPUT_PRIVILEGE          (6L)  /* unused */
/* Same value as SE_UNSOLICITED_INPUT_PRIVILEGE: the two names cannot be told apart at run time. */
14 #define SE_MACHINE_ACCOUNT_PRIVILEGE            (6L)
15 #define SE_TCB_PRIVILEGE                        (7L)
16 #define SE_SECURITY_PRIVILEGE                   (8L)
17 #define SE_TAKE_OWNERSHIP_PRIVILEGE             (9L)
18 #define SE_LOAD_DRIVER_PRIVILEGE                (10L)
19 #define SE_SYSTEM_PROFILE_PRIVILEGE             (11L)
20 #define SE_SYSTEMTIME_PRIVILEGE                 (12L)
21 #define SE_PROF_SINGLE_PROCESS_PRIVILEGE        (13L)
22 #define SE_INC_BASE_PRIORITY_PRIVILEGE          (14L)
23 #define SE_CREATE_PAGEFILE_PRIVILEGE            (15L)
24 #define SE_CREATE_PERMANENT_PRIVILEGE           (16L)
25 #define SE_BACKUP_PRIVILEGE                     (17L)
26 #define SE_RESTORE_PRIVILEGE                    (18L)
27 #define SE_SHUTDOWN_PRIVILEGE                   (19L)
28 #define SE_DEBUG_PRIVILEGE                      (20L)
29 #define SE_AUDIT_PRIVILEGE                      (21L)
30 #define SE_SYSTEM_ENVIRONMENT_PRIVILEGE         (22L)
31 #define SE_CHANGE_NOTIFY_PRIVILEGE              (23L)
32 #define SE_REMOTE_SHUTDOWN_PRIVILEGE            (24L)
/* Alias of the highest number above; it has to be moved when a privilege is appended. */
33 #define SE_MAX_WELL_KNOWN_PRIVILEGE             SE_REMOTE_SHUTDOWN_PRIVILEGE
34
/*
 * Compiled out: nothing between #if 0 and #endif reaches the compiler, so
 * this header does not define these names (presumably another header does -
 * confirm). The SE_* values are single-bit flags; the largest, 32768
 * (0x8000), still fits the USHORT SECURITY_DESCRIPTOR_CONTROL declared
 * further down in this file.
 */
35 #if 0
36 /* Security descriptor control. */
37 #define SECURITY_DESCRIPTOR_REVISION    (1)
38 #define SECURITY_DESCRIPTOR_MIN_LENGTH  (20)
39 #define SE_OWNER_DEFAULTED      (1)
40 #define SE_GROUP_DEFAULTED      (2)
41 #define SE_DACL_PRESENT (4)
42 #define SE_DACL_DEFAULTED       (8)
43 #define SE_SACL_PRESENT (16)
44 #define SE_SACL_DEFAULTED       (32)
45 #define SE_SELF_RELATIVE        (32768)
46 #endif
47
/* Access-mode value and pointer to it; declared unconditionally, outside the __USE_W32API guard. */
48 typedef ULONG ACCESS_MODE, *PACCESS_MODE;
49
/*
 * Compiled out. An alternative ACE layout in which the access mask sits
 * inside the header and the type/flags bytes are signed CHAR. The layout
 * actually compiled is the later ACE_HEADER (BYTE/BYTE/WORD) plus the ACE
 * typedef at the end of this file, where AccessMask follows the header.
 */
50 #if 0
51 typedef struct _ACE_HEADER
52 {
53   CHAR AceType;
54   CHAR AceFlags;
55   USHORT AceSize;
56   ACCESS_MASK AccessMask;
57 } ACE_HEADER, *PACE_HEADER;
58
59 typedef struct
60 {
61   ACE_HEADER Header;
62 } ACE, *PACE;
63 #endif
64
/*
 * Placeholder type with no members (an empty struct is a GNU C extension).
 * NOTE(review): the guard tests __GNU__, which is not the macro GCC
 * predefines (__GNUC__); unless the build defines __GNU__ itself, this
 * typedef is never compiled - confirm which macro was meant.
 */
65 #ifdef __GNU__
66 typedef struct _SECURITY_DESCRIPTOR_CONTEXT
67 {
68 } SECURITY_DESCRIPTOR_CONTEXT, *PSECURITY_DESCRIPTOR_CONTEXT;
69 #endif
70
71
72 #ifndef __USE_W32API
73
74 /* SID Authority */
/*
 * Brace initialisers for the six-byte SID_IDENTIFIER_AUTHORITY.Value array
 * declared below. Only the last byte differs between them (0..5), so the
 * authorities are told apart by comparing all six bytes, not a single field.
 */
75 #define SECURITY_NULL_SID_AUTHORITY             {0,0,0,0,0,0}
76 #define SECURITY_WORLD_SID_AUTHORITY            {0,0,0,0,0,1}
77 #define SECURITY_LOCAL_SID_AUTHORITY            {0,0,0,0,0,2}
78 #define SECURITY_CREATOR_SID_AUTHORITY          {0,0,0,0,0,3}
79 #define SECURITY_NON_UNIQUE_AUTHORITY           {0,0,0,0,0,4}
80 #define SECURITY_NT_AUTHORITY                   {0,0,0,0,0,5}
81
82 /* SID */
/*
 * Relative identifiers (sub-authority values) of well-known SIDs.
 * The numbers are not unique across this list: four names are 0, and
 * SECURITY_CREATOR_GROUP_RID / SECURITY_DIALUP_RID are both 1, and so on.
 * A RID therefore identifies a principal only together with the identifier
 * authority (and any preceding sub-authorities) of the SID it came from;
 * an access decision must compare the whole SID, never the RID alone.
 *
 * SECURITY_LOGON_IDS_RID_COUNT is presumably a sub-authority count rather
 * than a RID - confirm against its users.
 */
83 #define SECURITY_NULL_RID                       (0L)
84 #define SECURITY_WORLD_RID                      (0L)
85 #define SECURITY_LOCAL_RID                      (0L)
86 #define SECURITY_CREATOR_OWNER_RID              (0L)
87 #define SECURITY_CREATOR_GROUP_RID              (0x1L)
88 #define SECURITY_CREATOR_OWNER_SERVER_RID       (0x2L)
89 #define SECURITY_CREATOR_GROUP_SERVER_RID       (0x3L)
90 #define SECURITY_DIALUP_RID                     (0x1L)
91 #define SECURITY_NETWORK_RID                    (0x2L)
92 #define SECURITY_BATCH_RID                      (0x3L)
93 #define SECURITY_INTERACTIVE_RID                (0x4L)
94 #define SECURITY_LOGON_IDS_RID                  (0x5L)
95 #define SECURITY_LOGON_IDS_RID_COUNT            (0x3L)
96 #define SECURITY_SERVICE_RID                    (0x6L)
97 #define SECURITY_ANONYMOUS_LOGON_RID            (0x7L)
98 #define SECURITY_PROXY_RID                      (0x8L)
99 #define SECURITY_ENTERPRISE_CONTROLLERS_RID     (0x9L)
/* Second name for the same value (0x9). */
100 #define SECURITY_SERVER_LOGON_RID               SECURITY_ENTERPRISE_CONTROLLERS_RID
101 #define SECURITY_PRINCIPAL_SELF_RID             (0xAL)
102 #define SECURITY_AUTHENTICATED_USER_RID         (0xBL)
103 #define SECURITY_RESTRICTED_CODE_RID            (0xCL)
104 #define SECURITY_LOCAL_SYSTEM_RID               (0x12L)
105 #define SECURITY_NT_NON_UNIQUE_RID              (0x15L)
106 #define SECURITY_BUILTIN_DOMAIN_RID             (0x20L)
/* Per-domain accounts, groups and built-in aliases. */
107 #define DOMAIN_USER_RID_ADMIN                   (0x1F4L)
108 #define DOMAIN_USER_RID_GUEST                   (0x1F5L)
109 #define DOMAIN_GROUP_RID_ADMINS                 (0x200L)
110 #define DOMAIN_GROUP_RID_USERS                  (0x201L)
111 #define DOMAIN_ALIAS_RID_ADMINS                 (0x220L)
112 #define DOMAIN_ALIAS_RID_USERS                  (0x221L)
113 #define DOMAIN_ALIAS_RID_GUESTS                 (0x222L)
114 #define DOMAIN_ALIAS_RID_POWER_USERS            (0x223L)
115 #define DOMAIN_ALIAS_RID_ACCOUNT_OPS            (0x224L)
116 #define DOMAIN_ALIAS_RID_SYSTEM_OPS             (0x225L)
117 #define DOMAIN_ALIAS_RID_PRINT_OPS              (0x226L)
118 #define DOMAIN_ALIAS_RID_BACKUP_OPS             (0x227L)
119 #define DOMAIN_ALIAS_RID_REPLICATOR             (0x228L)
120
121 /* ACCESS_MASK */
/*
 * High-order ACCESS_MASK bits. Only GENERIC_ALL and GENERIC_EXECUTE are
 * defined here; generic read/write counterparts are not in this header
 * (presumably they come from another one - confirm).
 * MAXIMUM_ALLOWED and GENERIC_ALL ask for as much access as can be had;
 * callers that need one operation should request the specific right instead.
 */
122 #define MAXIMUM_ALLOWED                 (0x2000000L)
123 #define GENERIC_ALL                     (0x10000000L)
124 #define GENERIC_EXECUTE                 (0x20000000L)
125
/* Values for SECURITY_CONTEXT_TRACKING_MODE (see SECURITY_QUALITY_OF_SERVICE.ContextTrackingMode below). */
126 #define SECURITY_STATIC_TRACKING        (0)
127 #define SECURITY_DYNAMIC_TRACKING       (1)
128
129 /* Standard rights */
/*
 * Object-type independent rights in bits 16-20 of an ACCESS_MASK.
 * STANDARD_RIGHTS_READ, _WRITE and _EXECUTE are all the same single bit
 * (0x20000), so they do not distinguish read from write on their own.
 * STANDARD_RIGHTS_ALL is STANDARD_RIGHTS_REQUIRED plus bit 0x100000.
 * SPECIFIC_RIGHTS_ALL covers the low 16 bits, whose meaning depends on the
 * object type (the TOKEN_* rights below are one such set).
 */
130 #define STANDARD_RIGHTS_REQUIRED        (0xf0000L)
131 #define STANDARD_RIGHTS_WRITE           (0x20000L)
132 #define STANDARD_RIGHTS_READ            (0x20000L)
133 #define STANDARD_RIGHTS_EXECUTE         (0x20000L)
134 #define STANDARD_RIGHTS_ALL             (0x1f0000L)
135 #define SPECIFIC_RIGHTS_ALL             (0xffffL)
136
137 /* Token rights */
/*
 * Specific rights on a token object, one bit each (0x01 .. 0x80), followed
 * by composite masks. A handle opened with TOKEN_DUPLICATE,
 * TOKEN_IMPERSONATE, TOKEN_ASSIGN_PRIMARY or any TOKEN_ADJUST_* right lets
 * its holder act as, or alter, the token's identity; open tokens with the
 * narrowest mask that the operation needs (TOKEN_QUERY for read-only use).
 */
138 #define TOKEN_ASSIGN_PRIMARY            (0x0001L)
139 #define TOKEN_DUPLICATE                 (0x0002L)
140 #define TOKEN_IMPERSONATE               (0x0004L)
141 #define TOKEN_QUERY                     (0x0008L)
142 #define TOKEN_QUERY_SOURCE              (0x0010L)
143 #define TOKEN_ADJUST_PRIVILEGES         (0x0020L)
144 #define TOKEN_ADJUST_GROUPS             (0x0040L)
145 #define TOKEN_ADJUST_DEFAULT            (0x0080L)
146
/* STANDARD_RIGHTS_REQUIRED (0xf0000) | all eight specific bits (0xff). */
147 #define TOKEN_ALL_ACCESS                (0xf00ffL)
/* 0x20000 | TOKEN_QUERY. */
148 #define TOKEN_READ                      (0x20008L)
/* 0x20000 | TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT. */
149 #define TOKEN_WRITE                     (0x200e0L)
/* 0x20000 only; no token-specific bit is included. */
150 #define TOKEN_EXECUTE                   (0x20000L)
151
/*
 * Holds SECURITY_STATIC_TRACKING or SECURITY_DYNAMIC_TRACKING.
 * NOTE(review): the Windows SDK declares this type as BOOLEAN; with BOOL the
 * size of SECURITY_QUALITY_OF_SERVICE may differ from the Windows layout -
 * confirm whether binary compatibility is expected here.
 */
152 typedef BOOL SECURITY_CONTEXT_TRACKING_MODE;
153
/* 32-bit value selecting parts of a security descriptor; the flag values are not defined in this header. */
154 typedef ULONG SECURITY_INFORMATION, *PSECURITY_INFORMATION;
155
/*
 * Selector for the kind of token information being requested.
 * Numbering starts at 1 (TokenUser) and ends at 10 (TokenStatistics), so 0
 * and anything above TokenStatistics is not a valid class; a handler that
 * receives this value from a caller should reject out-of-range numbers
 * before dispatching on it.
 */
156 typedef enum _TOKEN_INFORMATION_CLASS
157 {
158   TokenUser = 1,
159   TokenGroups,
160   TokenPrivileges,
161   TokenOwner,
162   TokenPrimaryGroup,
163   TokenDefaultDacl,
164   TokenSource,
165   TokenType,
166   TokenImpersonationLevel,
167   TokenStatistics
168 } TOKEN_INFORMATION_CLASS;
169
/*
 * Impersonation level as a plain ULONG with four named values, 1 to 4 in
 * increasing order. 0 is not a named level here, so a zero-filled
 * SECURITY_QUALITY_OF_SERVICE carries no valid level.
 * NOTE(review): the Windows SDK enum of the same name starts at
 * SecurityAnonymous = 0; these values are one higher - confirm the offset is
 * intentional, since ordered comparisons between levels and any value
 * exchanged with Windows-built code depend on it.
 */
170 typedef ULONG SECURITY_IMPERSONATION_LEVEL, *PSECURITY_IMPERSONATION_LEVEL;
171
172 #define SecurityAnonymous ((SECURITY_IMPERSONATION_LEVEL)1)
173 #define SecurityIdentification ((SECURITY_IMPERSONATION_LEVEL)2)
174 #define SecurityImpersonation ((SECURITY_IMPERSONATION_LEVEL)3)
175 #define SecurityDelegation ((SECURITY_IMPERSONATION_LEVEL)4)
176
/* 32-bit set of access-right bits (generic, standard and object-specific rights defined above). */
177 typedef ULONG ACCESS_MASK, *PACCESS_MASK;
/* Kind of token: one of the two TOKEN_TYPE values below; 0 is not a named type. */
178 typedef ULONG TOKEN_TYPE, *PTOKEN_TYPE;
179
180 #define TokenPrimary           ((TOKEN_TYPE)1)
181 #define TokenImpersonation     ((TOKEN_TYPE)2)
182
/*
 * Impersonation parameters: a level, a tracking mode and an
 * effective-only flag, preceded by a length field.
 * Length is presumably the size of this structure in bytes - confirm; if
 * so, a consumer should check it before reading the remaining members.
 */
183 typedef struct _SECURITY_QUALITY_OF_SERVICE
184 {
185   ULONG Length;
186   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;  /* one of the Security* level values */
187   SECURITY_CONTEXT_TRACKING_MODE ContextTrackingMode;  /* SECURITY_STATIC_TRACKING or SECURITY_DYNAMIC_TRACKING */
188   BOOLEAN EffectiveOnly;
189 } SECURITY_QUALITY_OF_SERVICE;
190
191 typedef SECURITY_QUALITY_OF_SERVICE* PSECURITY_QUALITY_OF_SERVICE;
192
/*
 * Common four-byte prefix of an access-control entry: type, flags, size.
 * AceSize is presumably the byte length of the whole entry including this
 * header - confirm. Code that walks the entries of an ACL should check that
 * AceSize is at least sizeof(ACE_HEADER) and that the entry ends inside the
 * ACL before advancing by it; a zero or oversized AceSize taken from an
 * unvalidated ACL otherwise stalls the walk or runs past the buffer.
 */
193 typedef struct _ACE_HEADER
194 {
195   BYTE AceType;
196   BYTE AceFlags;
197   WORD AceSize;
198 } ACE_HEADER, *PACE_HEADER;
199
/* Six-byte identifier authority of a SID; initialised from the SECURITY_*_AUTHORITY brace lists above. */
200 typedef struct _SID_IDENTIFIER_AUTHORITY
201 {
202   BYTE Value[6];
203 } SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY;
204
/*
 * Security identifier: revision, sub-authority count, identifier authority,
 * then the sub-authority values.
 * SubAuthority is declared with one element, but SubAuthorityCount suggests
 * a variable-length trailing array (TODO confirm); sizeof(SID) then covers
 * only the first sub-authority. Any code that copies, compares or measures
 * a SID received from a caller must validate SubAuthorityCount against both
 * the supported maximum and the length of the buffer actually supplied
 * before indexing SubAuthority.
 */
205 typedef struct _SID
206 {
207   UCHAR  Revision;
208   UCHAR  SubAuthorityCount;
209   SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
210   ULONG SubAuthority[1];
211 } SID, *PSID;
212
/*
 * Access-control list header (8 bytes). No entry array is declared; the
 * entries presumably follow the header in the same buffer, with AclSize as
 * the total byte size and AceCount as the number of entries - confirm.
 * Both are 16-bit and should be cross-checked against the real buffer
 * length and against each entry's AceSize when the list is parsed.
 */
213 typedef struct _ACL
214 {
215   UCHAR AclRevision;
216   UCHAR Sbz1;       /* presumably "should be zero" padding - confirm */
217   USHORT AclSize;
218   USHORT AceCount;
219   USHORT Sbz2;      /* presumably "should be zero" padding - confirm */
220 } ACL, *PACL;
221
/* Result record holding an ACL's revision (presumably the answer to AclRevisionInformation - confirm). */
222 typedef struct _ACL_REVISION_INFORMATION
223 {
224   ULONG AclRevision;
225 } ACL_REVISION_INFORMATION, *PACL_REVISION_INFORMATION;
226
/*
 * Result record holding entry count and used/free byte counts of an ACL
 * (presumably the answer to AclSizeInformation - confirm). The members are
 * ULONG although the matching ACL header fields are USHORT.
 */
227 typedef struct _ACL_SIZE_INFORMATION
228 {
229   ULONG AceCount;
230   ULONG AclBytesInUse;
231   ULONG AclBytesFree;
232 } ACL_SIZE_INFORMATION, *PACL_SIZE_INFORMATION;
233
/* Selector between the two ACL information records above; numbering starts at 1, so 0 is not a valid class. */
234 typedef enum _ACL_INFORMATION_CLASS
235 {
236   AclRevisionInformation = 1,
237   AclSizeInformation
238 } ACL_INFORMATION_CLASS;
239
/* 16-bit control flags of a security descriptor (type of SECURITY_DESCRIPTOR.Control below). */
240 typedef USHORT SECURITY_DESCRIPTOR_CONTROL, *PSECURITY_DESCRIPTOR_CONTROL;
241
/*
 * Locally unique identifier, aliased to LARGE_INTEGER.
 * NOTE(review): the Windows SDK declares LUID as a two-member struct
 * (LowPart/HighPart); an alias of LARGE_INTEGER may have different
 * alignment, which would change the layout of the structures that embed it
 * - confirm if binary compatibility matters.
 */
242 typedef LARGE_INTEGER LUID, *PLUID;
243
/*
 * Security descriptor with pointer members for owner, group, SACL and DACL.
 * Because the four members are raw pointers, a descriptor that arrives from
 * a less-trusted caller needs each pointer, and the SID or ACL behind it,
 * validated before it is dereferenced. How a missing (NULL) Dacl is to be
 * interpreted is not visible in this header - confirm in the access-check
 * code, since treating "no DACL" and "empty DACL" alike is a classic
 * source of over-permissive objects.
 */
244 typedef struct _SECURITY_DESCRIPTOR
245 {
246   UCHAR  Revision;
247   UCHAR  Sbz1;
248   SECURITY_DESCRIPTOR_CONTROL Control;
249   PSID Owner;
250   PSID Group;
251   PACL Sacl;
252   PACL Dacl;
253 } SECURITY_DESCRIPTOR, *PSECURITY_DESCRIPTOR;
254
/*
 * A LUID paired with a 32-bit attribute word; used as the element type of
 * TOKEN_PRIVILEGES.Privileges and PRIVILEGE_SET.Privilege below. The
 * attribute flag values are not defined in this header.
 */
255 typedef struct _LUID_AND_ATTRIBUTES
256 {
257   LUID  Luid;
258   DWORD Attributes;
259 } LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
260
/*
 * Origin of a token: an eight-byte name and a LUID.
 * SourceName is a fixed CHAR[8] with no extra byte for a terminator, so it
 * should be handled as an 8-byte field, not passed to string functions that
 * expect NUL termination (whether producers always terminate it is not
 * visible here - confirm).
 */
261 typedef struct _TOKEN_SOURCE
262 {
263   CHAR SourceName[8];
264   LUID SourceIdentifier;
265 } TOKEN_SOURCE, *PTOKEN_SOURCE;
266
/* Three LUIDs (token, authentication, modification) plus the token's source. */
267 typedef struct _TOKEN_CONTROL
268 {
269   LUID TokenId;
270   LUID AuthenticationId;
271   LUID ModifiedId;
272   TOKEN_SOURCE TokenSource;
273 } TOKEN_CONTROL, *PTOKEN_CONTROL;
274
/*
 * A pointer to a SID paired with a 32-bit attribute word; element type of
 * TOKEN_USER.User and TOKEN_GROUPS.Groups below. Sid is a pointer, not an
 * embedded SID, so the pointed-to SID lives elsewhere and must be valid for
 * as long as this record is used.
 */
275 typedef struct _SID_AND_ATTRIBUTES
276 {
277   PSID  Sid;
278   DWORD Attributes;
279 } SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
280
/* Array form sized by ANYSIZE_ARRAY (defined outside this header), and a pointer to that array type. */
281 typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY];
282 typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY;
283
/* Token user record: one SID_AND_ATTRIBUTES (presumably the TokenUser information class - confirm). */
284 typedef struct _TOKEN_USER
285 {
286   SID_AND_ATTRIBUTES User;
287 } TOKEN_USER, *PTOKEN_USER;
288
/* Token primary-group record: one SID pointer (presumably the TokenPrimaryGroup information class - confirm). */
289 typedef struct _TOKEN_PRIMARY_GROUP
290 {
291   PSID PrimaryGroup;
292 } TOKEN_PRIMARY_GROUP, *PTOKEN_PRIMARY_GROUP;
293
/*
 * Counted list of group SIDs with attributes.
 * Groups is sized by ANYSIZE_ARRAY (defined outside this header), with
 * GroupCount presumably giving the real element count - confirm. A consumer
 * must check GroupCount against the byte length of the buffer it was handed
 * (guarding the multiplication against overflow) before iterating.
 */
294 typedef struct _TOKEN_GROUPS
295 {
296   DWORD GroupCount;
297   SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
298 } TOKEN_GROUPS, *PTOKEN_GROUPS, *LPTOKEN_GROUPS;
299
/*
 * Counted list of privileges with attributes; same counted-array shape as
 * TOKEN_GROUPS, so PrivilegeCount needs the same check against the supplied
 * buffer length before Privileges is indexed.
 */
300 typedef struct _TOKEN_PRIVILEGES
301 {
302   DWORD PrivilegeCount;
303   LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
304 } TOKEN_PRIVILEGES, *PTOKEN_PRIVILEGES, *LPTOKEN_PRIVILEGES;
305
/* Token owner record: one SID pointer (presumably the TokenOwner information class - confirm). */
306 typedef struct _TOKEN_OWNER
307 {
308   PSID Owner;
309 } TOKEN_OWNER, *PTOKEN_OWNER;
310
/* Token default-DACL record: one ACL pointer (presumably the TokenDefaultDacl information class - confirm). */
311 typedef struct _TOKEN_DEFAULT_DACL
312 {
313   PACL DefaultDacl;
314 } TOKEN_DEFAULT_DACL, *PTOKEN_DEFAULT_DACL;
315
/*
 * Summary record for a token: identifiers, expiration time, type,
 * impersonation level, two "Dynamic" counters and the group/privilege
 * counts (presumably the TokenStatistics information class - confirm).
 * The units of ExpirationTime and of the Dynamic* members are not visible
 * in this header.
 */
316 typedef struct _TOKEN_STATISTICS
317 {
318   LUID  TokenId;
319   LUID  AuthenticationId;
320   LARGE_INTEGER ExpirationTime;
321   TOKEN_TYPE TokenType;  /* TokenPrimary or TokenImpersonation */
322   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
323   DWORD DynamicCharged;
324   DWORD DynamicAvailable;
325   DWORD GroupCount;
326   DWORD PrivilegeCount;
327   LUID  ModifiedId;
328 } TOKEN_STATISTICS, *PTOKEN_STATISTICS;
329
/*
 * Four access masks, one per generic right. Presumably each holds the
 * object-specific rights that the corresponding GENERIC_* bit expands to
 * for one object type - confirm. If so, an over-broad GenericRead or
 * GenericExecute entry silently widens every request made with that
 * generic bit, which makes these tables worth reviewing per object type.
 */
330 typedef struct _GENERIC_MAPPING
331 {
332   ACCESS_MASK GenericRead;
333   ACCESS_MASK GenericWrite;
334   ACCESS_MASK GenericExecute;
335   ACCESS_MASK GenericAll;
336 } GENERIC_MAPPING, *PGENERIC_MAPPING;
337
/*
 * Counted set of privileges with a control word.
 * Privilege is sized by ANYSIZE_ARRAY (defined outside this header), with
 * PrivilegeCount presumably giving the real element count - confirm; the
 * count must be checked against the supplied buffer length before the array
 * is read. The Control flag values are not defined in this header.
 */
338 typedef struct _PRIVILEGE_SET
339 {
340   DWORD PrivilegeCount;
341   DWORD Control;
342   LUID_AND_ATTRIBUTES Privilege[ANYSIZE_ARRAY];
343 } PRIVILEGE_SET, *PPRIVILEGE_SET, *LPPRIVILEGE_SET;
344
/*
 * Length-prefixed record carrying an untyped security-descriptor pointer
 * and a handle-inheritance flag.
 * lpSecurityDescriptor is LPVOID, so nothing in the type tells the consumer
 * what it points to; what a NULL descriptor means for the created object is
 * decided by the consumer and is not visible here. bInheritHandle set to
 * TRUE presumably makes the resulting handle inheritable by child processes
 * - confirm - which is worth limiting to handles a child actually needs.
 */
345 typedef struct _SECURITY_ATTRIBUTES
346 {
347   DWORD  nLength;
348   LPVOID lpSecurityDescriptor;
349   BOOL   bInheritHandle;
350 } SECURITY_ATTRIBUTES, *LPSECURITY_ATTRIBUTES;
351
352 #endif /* !__USE_W32API */
353
/*
 * Access-control entry: the common header followed by an access mask.
 * Declared after the __USE_W32API guard has closed, so it is compiled in
 * both configurations; when __USE_W32API is defined, ACE_HEADER and
 * ACCESS_MASK are not declared by this header and must already be in scope.
 * Only the fixed part is declared here; Header.AceSize should be checked
 * to cover at least sizeof(ACE) before AccessMask is read from a parsed ACL.
 */
354 typedef struct
355 {
356   ACE_HEADER Header;
357   ACCESS_MASK AccessMask;
358 } ACE, *PACE;
359
360 #endif /* __INCLUDE_SECURITY_H */