diff options
Diffstat (limited to 'private/nw/nwlib/regacl.c')
-rw-r--r-- | private/nw/nwlib/regacl.c | 161 |
1 files changed, 161 insertions, 0 deletions
diff --git a/private/nw/nwlib/regacl.c b/private/nw/nwlib/regacl.c new file mode 100644 index 000000000..8258beae9 --- /dev/null +++ b/private/nw/nwlib/regacl.c @@ -0,0 +1,161 @@ +/*++ + +Copyright (c) 1993 Microsoft Corporation + +Module Name: + + regacl.c + +Abstract: + + This module contains the code for adding access permission ACL in a registry + key. + +Author: + + Terrence Kwan (terryk) 25-Sept-1993 + +Revision History: + +--*/ + +#include <procs.h> + +DWORD +NwLibSetEverybodyPermission( + IN HKEY hKey, + IN DWORD dwPermission + ) +/*++ + +Routine Description: + + Set the registry key to everybody "Set Value" (or whatever + the caller want.) + +Arguments: + + hKey - The handle of the registry key to set security on + + dwPermission - The permission to add to "everybody" + +Return Value: + + The win32 error. + +--*/ +{ + LONG err; // error code + PSECURITY_DESCRIPTOR psd = NULL; // related SD + PACL pDacl = NULL; // Absolute DACL + PACL pSacl = NULL; // Absolute SACL + PSID pOSid = NULL; // Absolute Owner SID + PSID pPSid = NULL; // Absolute Primary SID + + do { // Not a loop, just for breaking out of error + // + // Initialize all the variables... + // + // world sid authority + SID_IDENTIFIER_AUTHORITY SidAuth= SECURITY_WORLD_SID_AUTHORITY; + DWORD cbSize=0; // Security key size + PACL pAcl; // original ACL + BOOL fDaclPresent; + BOOL fDaclDefault; + PSID pSid; // original SID + SECURITY_DESCRIPTOR absSD; // Absolute SD + DWORD AbsSize = sizeof(SECURITY_DESCRIPTOR); // Absolute SD size + DWORD DaclSize; // Absolute DACL size + DWORD SaclSize; // Absolute SACL size + DWORD OSidSize; // Absolute OSID size + DWORD PSidSize; // Absolute PSID size + + + // Get the original DACL list + + RegGetKeySecurity( hKey, DACL_SECURITY_INFORMATION, NULL, &cbSize); + + psd = (PSECURITY_DESCRIPTOR *)LocalAlloc(LMEM_ZEROINIT, cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID)); + pDacl = (PACL)LocalAlloc(LMEM_ZEROINIT, cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID)); + pSacl = (PACL)LocalAlloc(LMEM_ZEROINIT, cbSize); + pOSid = (PSID)LocalAlloc(LMEM_ZEROINIT, cbSize); + pPSid = (PSID)LocalAlloc(LMEM_ZEROINIT, cbSize); + DaclSize = cbSize+sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID); + SaclSize = cbSize; + OSidSize = cbSize; + PSidSize = cbSize; + + if (( NULL == psd) || + ( NULL == pDacl) || + ( NULL == pSacl) || + ( NULL == pOSid) || + ( NULL == pPSid)) + { + err = ERROR_INSUFFICIENT_BUFFER; + break; + } + + if ( (err = RegGetKeySecurity( hKey, DACL_SECURITY_INFORMATION, psd, &cbSize )) != ERROR_SUCCESS ) + { + break; + } + if ( !GetSecurityDescriptorDacl( psd, &fDaclPresent, &pAcl, &fDaclDefault )) + { + err = GetLastError(); + break; + } + + // Increase the size for an extra ACE + + pAcl->AclSize += sizeof(ACCESS_ALLOWED_ACE)+sizeof(ACCESS_MASK)+sizeof(SID); + + // Get World SID + + if ( (err = RtlAllocateAndInitializeSid( &SidAuth, 1, + SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pSid)) != ERROR_SUCCESS) + { + break; + } + + // Add Permission ACE + + if ( !AddAccessAllowedAce(pAcl, ACL_REVISION, dwPermission ,pSid)) + { + err = GetLastError(); + break; + } + + // Convert from relate format to absolute format + + if ( !MakeAbsoluteSD( psd, &absSD, &AbsSize, pDacl, &DaclSize, pSacl, &SaclSize, + pOSid, &OSidSize, pPSid, &PSidSize )) + { + err = GetLastError(); + break; + } + + // Set SD + + if ( !SetSecurityDescriptorDacl( &absSD, TRUE, pAcl, FALSE )) + { + err = GetLastError(); + break; + } + if ( (err = RegSetKeySecurity( hKey, DACL_SECURITY_INFORMATION, psd )) + != ERROR_SUCCESS ) + { + break; + } + + } while (FALSE); + + // Clean up the memory + + LocalFree( psd ); + LocalFree( pDacl ); + LocalFree( pSacl ); + LocalFree( pOSid ); + LocalFree( pPSid ); + + return err; +} |