180 lines
3.3 KiB
C++
180 lines
3.3 KiB
C++
/*
|
|
|
|
// Copyright (c) 2000-2001 Microsoft Corporation, All Rights Reserved
|
|
*
|
|
* Created: 4/21/2000, Kevin Hughes
|
|
*/
|
|
|
|
|
|
#pragma once
|
|
|
|
|
|
class CSidAndAttribute
|
|
{
|
|
public:
|
|
CSidAndAttribute() {}
|
|
CSidAndAttribute(
|
|
CSid& csidIn,
|
|
DWORD dwAttribIn)
|
|
{
|
|
m_sid = csidIn;
|
|
m_dwAttributes = dwAttribIn;
|
|
}
|
|
|
|
virtual ~CSidAndAttribute() {}
|
|
CSid m_sid;
|
|
DWORD m_dwAttributes;
|
|
};
|
|
|
|
|
|
class Privilege
|
|
{
|
|
public:
|
|
|
|
Privilege() : dwAttributes(0) {}
|
|
virtual ~Privilege() {}
|
|
Privilege(
|
|
CHString& strIn,
|
|
DWORD attribsIn)
|
|
: dwAttributes(attribsIn)
|
|
{
|
|
chstrName = strIn;
|
|
}
|
|
|
|
CHString chstrName;
|
|
DWORD dwAttributes;
|
|
};
|
|
|
|
|
|
typedef std::vector<CSidAndAttribute> SANDATTRIBUTE_VECTOR;
|
|
typedef std::vector<Privilege> PRIVILEGE_VECTOR;
|
|
|
|
|
|
|
|
class CToken
|
|
{
|
|
public:
|
|
CToken();
|
|
CToken(
|
|
const CToken& rTok);
|
|
virtual ~CToken();
|
|
|
|
void Duplicate(CToken& tokDup) const;
|
|
|
|
long GetPrivCount() const;
|
|
long GetGroupCount() const;
|
|
|
|
bool GetPrivilege(
|
|
Privilege* privOut,
|
|
long lPos) const;
|
|
|
|
bool GetGroup(
|
|
CSid* sidOut,
|
|
long lPos) const;
|
|
|
|
// Deletes a member from the access token's
|
|
// member list, and applies the change.
|
|
bool DeleteGroup(
|
|
CSid& sidToDelete);
|
|
|
|
// Adds a member to the specified group to
|
|
// the list of token groups.
|
|
bool AddGroup(
|
|
CSid& sidToAdd,
|
|
DWORD dwAttributes);
|
|
|
|
CToken& operator=(
|
|
const CToken& rv);
|
|
|
|
HANDLE GetTokenHandle() const;
|
|
|
|
bool GetTokenOwner(
|
|
CSid* sidOwner) const;
|
|
|
|
// NOTE: hands back internal descriptor.
|
|
bool GetDefaultSD(
|
|
CSecurityDescriptor** ppsdDefault);
|
|
|
|
DWORD SetDefaultSD(
|
|
CSecurityDescriptor& SourceSD);
|
|
|
|
DWORD EnablePrivilege(
|
|
CHString& strPrivilegeName);
|
|
|
|
DWORD DisablePrivilege(
|
|
CHString& chstrPrivilegeName);
|
|
|
|
void Dump(WCHAR* pszFileName);
|
|
|
|
|
|
protected:
|
|
|
|
DWORD ReinitializeAll();
|
|
HANDLE m_hToken;
|
|
DWORD m_dwLastError;
|
|
bool m_fIsValid;
|
|
|
|
private:
|
|
|
|
|
|
DWORD ReinitializeOwnerSid();
|
|
DWORD ReinitializeDefaultSD();
|
|
DWORD RebuildGroupList();
|
|
DWORD RebuildPrivilegeList();
|
|
DWORD GTI(
|
|
TOKEN_INFORMATION_CLASS TokenInformationClass,
|
|
PVOID* ppvBuff);
|
|
bool ApplyTokenGroups();
|
|
|
|
|
|
CSid m_sidTokenOwner;
|
|
CSecurityDescriptor* m_psdDefault; // Default security info
|
|
SANDATTRIBUTE_VECTOR m_vecGroupsAndAttributes; // List of groups and their attributes
|
|
PRIVILEGE_VECTOR m_vecPrivileges; // List of privileges
|
|
|
|
};
|
|
|
|
|
|
|
|
class CProcessToken : public CToken
|
|
{
|
|
public:
|
|
CProcessToken(
|
|
DWORD dwDesiredAccess = TOKEN_ALL_ACCESS,
|
|
bool fGetHandleOnly = false,
|
|
HANDLE hProcess = INVALID_HANDLE_VALUE);
|
|
|
|
//CProcessToken(
|
|
// const CProcessToken& rTok);
|
|
|
|
virtual ~CProcessToken() {}
|
|
|
|
|
|
private:
|
|
|
|
|
|
};
|
|
|
|
|
|
class CThreadToken : public CToken
|
|
{
|
|
public:
|
|
//CThreadToken();
|
|
|
|
CThreadToken(
|
|
bool fAccessCheckProcess,
|
|
bool fPrimary,
|
|
bool fGetHandleOnly = false);
|
|
|
|
CThreadToken(HANDLE h);
|
|
|
|
//CThreadToken(
|
|
// const CThreadToken& rTok);
|
|
|
|
virtual ~CThreadToken() {}
|
|
|
|
private:
|
|
|
|
|
|
};
|