/*++
Copyright (c) 1993 Microsoft Corporation
Module Name:
regacl.c
Abstract:
This module contains the code for adding access permission ACL in a registry
key.
Author:
Terrence Kwan (terryk) 25-Sept-1993
Revision History:
--*/
#include <procs.h>
DWORD
NwLibSetEverybodyPermission(
IN HKEY hKey,
IN DWORD dwPermission
)
/*++
Routine Description:
Set the registry key to everybody "Set Value" (or whatever
the caller want.)
Arguments:
hKey - The handle of the registry key to set security on
dwPermission - The permission to add to "everybody"
Return Value:
The win32 error.
--*/
{
LONG err; // error code
PSECURITY_DESCRIPTOR psd = NULL; // related SD
PACL pDacl = NULL; // Absolute DACL
PACL pSacl = NULL; // Absolute SACL
PSID pOSid = NULL; // Absolute Owner SID
PSID pPSid = NULL; // Absolute Primary SID
do { // Not a loop, just for breaking out of error
//
// Initialize all the variables...
//
// world sid authority
SID_IDENTIFIER_AUTHORITY SidAuth= SECURITY_WORLD_SID_AUTHORITY;
DWORD cbSize=0; // Security key size
PACL pAcl; // original ACL
BOOL fDaclPresent;
BOOL fDaclDefault;
PSID pSid; // original SID
SECURITY_DESCRIPTOR absSD; // Absolute SD
DWORD AbsSize = sizeof(SECURITY_DESCRIPTOR); // Absolute SD size
DWORD DaclSize; // Absolute DACL size
DWORD SaclSize; // Absolute SACL size
DWORD OSidSize; // Absolute OSID size
DWORD PSidSize; // Absolute PSID size
// Get the original DACL list
RegGetKeySecurity( hKey, DACL_SECURITY_INFORMATION, NULL, &cbSize);
psd = (PSECURITY_DESCRIPTOR *)LocalAlloc(LMEM_ZEROINIT, cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID));
pDacl = (PACL)LocalAlloc(LMEM_ZEROINIT, cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID));
pSacl = (PACL)LocalAlloc(LMEM_ZEROINIT, cbSize);
pOSid = (PSID)LocalAlloc(LMEM_ZEROINIT, cbSize);
pPSid = (PSID)LocalAlloc(LMEM_ZEROINIT, cbSize);
DaclSize = cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID);
SaclSize = cbSize;
OSidSize = cbSize;
PSidSize = cbSize;
if (( NULL == psd) ||
( NULL == pDacl) ||
( NULL == pSacl) ||
( NULL == pOSid) ||
( NULL == pPSid))
{
err = ERROR_INSUFFICIENT_BUFFER;
break;
}
if ( (err = RegGetKeySecurity( hKey, DACL_SECURITY_INFORMATION, psd, &cbSize )) != ERROR_SUCCESS )
{
break;
}
if ( !GetSecurityDescriptorDacl( psd, &fDaclPresent, &pAcl, &fDaclDefault ))
{
err = GetLastError();
break;
}
// Increase the size for an extra ACE
pAcl->AclSize += sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID);
// Get World SID
if ( (err = RtlAllocateAndInitializeSid( &SidAuth, 1,
SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pSid)) != ERROR_SUCCESS)
{
break;
}
// Add Permission ACE
if ( !AddAccessAllowedAce(pAcl, ACL_REVISION, dwPermission ,pSid))
{
err = GetLastError();
break;
}
// Convert from relate format to absolute format
if ( !MakeAbsoluteSD( psd, &absSD, &AbsSize, pDacl, &DaclSize, pSacl, &SaclSize,
pOSid, &OSidSize, pPSid, &PSidSize ))
{
err = GetLastError();
break;
}
// Set SD
if ( !SetSecurityDescriptorDacl( &absSD, TRUE, pAcl, FALSE ))
{
err = GetLastError();
break;
}
if ( (err = RegSetKeySecurity( hKey, DACL_SECURITY_INFORMATION, psd ))
!= ERROR_SUCCESS )
{
break;
}
} while (FALSE);
// Clean up the memory
LocalFree( psd );
LocalFree( pDacl );
LocalFree( pSacl );
LocalFree( pOSid );
LocalFree( pPSid );
return err;
}
