sddl

package
v10.0.0-...-53ebdbe Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 29, 2023 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	SDDL_REVISION   = 1 // SDDL Revision MUST always be 1.
	SID_REVISION    = 1 // SID Revision MUST always be 1.
	ACL_REVISION    = 2 // ACL revision for support basic ACE type used for filesystem ACLs.
	ACL_REVISION_DS = 4 // ACL revision for supporting stuff like Object ACE. This should ideally not be used with the ACE

)

* Valid/supported revision numbers for various object types. * * TODO: Do we need to support ACL_REVISION_DS (4) with support for Object ACEs? * Are they used for filesystem objects?

View Source
const (
	OWNER_SECURITY_INFORMATION            = 0x00000001
	GROUP_SECURITY_INFORMATION            = 0x00000002
	DACL_SECURITY_INFORMATION             = 0x00000004
	SACL_SECURITY_INFORMATION             = 0x00000008
	LABEL_SECURITY_INFORMATION            = 0x00000010
	ATTRIBUTE_SECURITY_INFORMATION        = 0x00000020
	SCOPE_SECURITY_INFORMATION            = 0x00000040
	BACKUP_SECURITY_INFORMATION           = 0x00010000
	PROTECTED_DACL_SECURITY_INFORMATION   = 0x80000000
	PROTECTED_SACL_SECURITY_INFORMATION   = 0x40000000
	UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000
	UNPROTECTED_SACL_SECURITY_INFORMATION = 0x10000000
)

Valid bitmasks contained in type SECURITY_INFORMATION.

View Source
const (
	SE_OWNER_DEFAULTED       = 0x0001
	SE_GROUP_DEFAULTED       = 0x0002
	SE_DACL_PRESENT          = 0x0004
	SE_DACL_DEFAULTED        = 0x0008
	SE_SACL_PRESENT          = 0x0010
	SE_SACL_DEFAULTED        = 0x0020
	SE_DACL_AUTO_INHERIT_REQ = 0x0100
	SE_SACL_AUTO_INHERIT_REQ = 0x0200
	SE_DACL_AUTO_INHERITED   = 0x0400
	SE_SACL_AUTO_INHERITED   = 0x0800
	SE_DACL_PROTECTED        = 0x1000
	SE_SACL_PROTECTED        = 0x2000
	SE_RM_CONTROL_VALID      = 0x4000
	SE_SELF_RELATIVE         = 0x8000
)

Valid bitmasks contained in type SECURITY_DESCRIPTOR_CONTROL.

View Source
const (
	ACCESS_MIN_MS_ACE_TYPE                  = 0x0
	ACCESS_ALLOWED_ACE_TYPE                 = 0x0
	ACCESS_DENIED_ACE_TYPE                  = 0x1
	SYSTEM_AUDIT_ACE_TYPE                   = 0x2
	SYSTEM_ALARM_ACE_TYPE                   = 0x3
	ACCESS_MAX_MS_V2_ACE_TYPE               = 0x3
	ACCESS_ALLOWED_COMPOUND_ACE_TYPE        = 0x4
	ACCESS_MAX_MS_V3_ACE_TYPE               = 0x4
	ACCESS_MIN_MS_OBJECT_ACE_TYPE           = 0x5
	ACCESS_ALLOWED_OBJECT_ACE_TYPE          = 0x5
	ACCESS_DENIED_OBJECT_ACE_TYPE           = 0x6
	SYSTEM_AUDIT_OBJECT_ACE_TYPE            = 0x7
	SYSTEM_ALARM_OBJECT_ACE_TYPE            = 0x8
	ACCESS_MAX_MS_OBJECT_ACE_TYPE           = 0x8
	ACCESS_MAX_MS_V4_ACE_TYPE               = 0x8
	ACCESS_MAX_MS_ACE_TYPE                  = 0x8
	ACCESS_ALLOWED_CALLBACK_ACE_TYPE        = 0x9
	ACCESS_DENIED_CALLBACK_ACE_TYPE         = 0xA
	ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE = 0xB
	ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE  = 0xC
	SYSTEM_AUDIT_CALLBACK_ACE_TYPE          = 0xD
	SYSTEM_ALARM_CALLBACK_ACE_TYPE          = 0xE
	SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE   = 0xF
	SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE   = 0x10
	SYSTEM_MANDATORY_LABEL_ACE_TYPE         = 0x11
	SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE      = 0x12
	SYSTEM_SCOPED_POLICY_ID_ACE_TYPE        = 0x13
	SYSTEM_PROCESS_TRUST_LABEL_ACE_TYPE     = 0x14
	SYSTEM_ACCESS_FILTER_ACE_TYPE           = 0x15
	ACCESS_MAX_MS_V5_ACE_TYPE               = 0x15
)

Valid AceType values present in ACE_HEADER.

View Source
const (
	OBJECT_INHERIT_ACE       = 0x01
	CONTAINER_INHERIT_ACE    = 0x02
	NO_PROPAGATE_INHERIT_ACE = 0x04
	INHERIT_ONLY_ACE         = 0x08
	INHERITED_ACE            = 0x10
	VALID_INHERIT_FLAGS      = 0x1F
	CRITICAL_ACE_FLAG        = 0x20

	// AceFlags mask for what events we (should) audit. Used by SACL.
	SUCCESSFUL_ACCESS_ACE_FLAG = 0x40
	FAILED_ACCESS_ACE_FLAG     = 0x80

	TRUST_PROTECTED_FILTER_ACE_FLAG = 0x40
)

Valid bitmasks contained in AceFlags present in ACE_HEADER.

View Source
const (
	// Generic access rights.
	GENERIC_READ             = 0x80000000
	GENERIC_WRITE            = 0x40000000
	GENERIC_EXECUTE          = 0x20000000
	GENERIC_ALL              = 0x10000000
	DELETE                   = 0x00010000
	READ_CONTROL             = 0x00020000
	WRITE_DAC                = 0x00040000
	WRITE_OWNER              = 0x00080000
	SYNCHRONIZE              = 0x00100000
	STANDARD_RIGHTS_REQUIRED = 0x000F0000
	STANDARD_RIGHTS_READ     = READ_CONTROL
	STANDARD_RIGHTS_WRITE    = READ_CONTROL
	STANDARD_RIGHTS_EXECUTE  = READ_CONTROL
	STANDARD_RIGHTS_ALL      = 0x001F0000
	SPECIFIC_RIGHTS_ALL      = 0x0000FFFF

	// Access rights for files and directories.
	FILE_READ_DATA        = 0x0001 /* file & pipe */
	FILE_READ_ATTRIBUTES  = 0x0080 /* all */
	FILE_READ_EA          = 0x0008 /* file & directory */
	FILE_WRITE_DATA       = 0x0002 /* file & pipe */
	FILE_WRITE_ATTRIBUTES = 0x0100 /* all */
	FILE_WRITE_EA         = 0x0010 /* file & directory */
	FILE_APPEND_DATA      = 0x0004 /* file */
	FILE_EXECUTE          = 0x0020 /* file */

	FILE_ALL_ACCESS      = (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x1FF)
	FILE_GENERIC_READ    = (STANDARD_RIGHTS_READ | FILE_READ_DATA | FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE)
	FILE_GENERIC_WRITE   = (STANDARD_RIGHTS_WRITE | FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | FILE_APPEND_DATA | SYNCHRONIZE)
	FILE_GENERIC_EXECUTE = (STANDARD_RIGHTS_EXECUTE | FILE_READ_ATTRIBUTES | FILE_EXECUTE | SYNCHRONIZE)

	// Access rights for DS objects.
	ADS_RIGHT_DS_CREATE_CHILD   = 0x0001
	ADS_RIGHT_DS_DELETE_CHILD   = 0x0002
	ADS_RIGHT_ACTRL_DS_LIST     = 0x0004
	ADS_RIGHT_DS_SELF           = 0x0008
	ADS_RIGHT_DS_READ_PROP      = 0x0010
	ADS_RIGHT_DS_WRITE_PROP     = 0x0020
	ADS_RIGHT_DS_DELETE_TREE    = 0x0040
	ADS_RIGHT_DS_LIST_OBJECT    = 0x0080
	ADS_RIGHT_DS_CONTROL_ACCESS = 0x0100

	// Registry Specific Access Rights.
	KEY_QUERY_VALUE        = 0x0001
	KEY_SET_VALUE          = 0x0002
	KEY_CREATE_SUB_KEY     = 0x0004
	KEY_ENUMERATE_SUB_KEYS = 0x0008
	KEY_NOTIFY             = 0x0010
	KEY_CREATE_LINK        = 0x0020
	KEY_WOW64_32KEY        = 0x0200
	KEY_WOW64_64KEY        = 0x0100
	KEY_WOW64_RES          = 0x0300

	KEY_READ       = ((STANDARD_RIGHTS_READ | KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY) & (^SYNCHRONIZE))
	KEY_WRITE      = ((STANDARD_RIGHTS_WRITE | KEY_SET_VALUE | KEY_CREATE_SUB_KEY) & (^SYNCHRONIZE))
	KEY_EXECUTE    = ((KEY_READ) & (^SYNCHRONIZE))
	KEY_ALL_ACCESS = ((STANDARD_RIGHTS_ALL | KEY_QUERY_VALUE | KEY_SET_VALUE | KEY_CREATE_SUB_KEY | KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY | KEY_CREATE_LINK) & (^SYNCHRONIZE))

	// SYSTEM_ACCESS_FILTER_ACE Access rights.
	SYSTEM_MANDATORY_LABEL_NO_WRITE_UP   = 0x1
	SYSTEM_MANDATORY_LABEL_NO_READ_UP    = 0x2
	SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP = 0x4
)

Valid bitmasks contained in AccessMask present in type ACCESS_ALLOWED_ACE.

View Source
const (
	SECURITY_NULL_RID                   = 0
	SECURITY_WORLD_RID                  = 0
	SECURITY_LOCAL_RID                  = 0
	SECURITY_CREATOR_OWNER_RID          = 0
	SECURITY_CREATOR_GROUP_RID          = 1
	SECURITY_DIALUP_RID                 = 1
	SECURITY_NETWORK_RID                = 2
	SECURITY_BATCH_RID                  = 3
	SECURITY_INTERACTIVE_RID            = 4
	SECURITY_LOGON_IDS_RID              = 5
	SECURITY_SERVICE_RID                = 6
	SECURITY_LOCAL_SYSTEM_RID           = 18
	SECURITY_BUILTIN_DOMAIN_RID         = 32
	SECURITY_PRINCIPAL_SELF_RID         = 10
	SECURITY_CREATOR_OWNER_SERVER_RID   = 0x2
	SECURITY_CREATOR_GROUP_SERVER_RID   = 0x3
	SECURITY_LOGON_IDS_RID_COUNT        = 0x3
	SECURITY_ANONYMOUS_LOGON_RID        = 0x7
	SECURITY_PROXY_RID                  = 0x8
	SECURITY_ENTERPRISE_CONTROLLERS_RID = 0x9
	SECURITY_SERVER_LOGON_RID           = SECURITY_ENTERPRISE_CONTROLLERS_RID
	SECURITY_AUTHENTICATED_USER_RID     = 0xb
	SECURITY_RESTRICTED_CODE_RID        = 0xc
	SECURITY_NT_NON_UNIQUE_RID          = 0x15

	SECURITY_CREATOR_OWNER_RIGHTS_RID  = 0x00000004
	SECURITY_LOCAL_SERVICE_RID         = 0x00000013
	SECURITY_NETWORK_SERVICE_RID       = 0x00000014
	SECURITY_WRITE_RESTRICTED_CODE_RID = 0x00000021

	SECURITY_MANDATORY_LOW_RID         = 0x00001000
	SECURITY_MANDATORY_MEDIUM_RID      = 0x00002000
	SECURITY_MANDATORY_MEDIUM_PLUS_RID = (SECURITY_MANDATORY_MEDIUM_RID + 0x100)
	SECURITY_MANDATORY_HIGH_RID        = 0x00003000
	SECURITY_MANDATORY_SYSTEM_RID      = 0x00004000

	SECURITY_APP_PACKAGE_BASE_RID        = 0x00000002
	SECURITY_BUILTIN_PACKAGE_ANY_PACKAGE = 0x00000001
)
View Source
const (
	DOMAIN_ALIAS_RID_ADMINS                         = 0x220
	DOMAIN_ALIAS_RID_USERS                          = 0x221
	DOMAIN_ALIAS_RID_GUESTS                         = 0x222
	DOMAIN_ALIAS_RID_POWER_USERS                    = 0x223
	DOMAIN_ALIAS_RID_ACCOUNT_OPS                    = 0x224
	DOMAIN_ALIAS_RID_SYSTEM_OPS                     = 0x225
	DOMAIN_ALIAS_RID_PRINT_OPS                      = 0x226
	DOMAIN_ALIAS_RID_BACKUP_OPS                     = 0x227
	DOMAIN_ALIAS_RID_REPLICATOR                     = 0x228
	DOMAIN_ALIAS_RID_RAS_SERVERS                    = 0x229
	DOMAIN_ALIAS_RID_PREW2KCOMPACCESS               = 0x22A
	DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS           = 0x22B
	DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS      = 0x22C
	DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS = 0x22D
	DOMAIN_ALIAS_RID_MONITORING_USERS               = 0x22E
	DOMAIN_ALIAS_RID_LOGGING_USERS                  = 0x22F
	DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS            = 0x230
	DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS             = 0x231
	DOMAIN_ALIAS_RID_DCOM_USERS                     = 0x232
	DOMAIN_ALIAS_RID_IUSERS                         = 0x238
	DOMAIN_ALIAS_RID_CRYPTO_OPERATORS               = 0x239
	DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP     = 0x23B
	DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP = 0x23C
	DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP        = 0x23D
	DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP      = 0x23E
	DOMAIN_ALIAS_RID_RDS_REMOTE_ACCESS_SERVERS      = 0x23F
	DOMAIN_ALIAS_RID_RDS_ENDPOINT_SERVERS           = 0x240
	DOMAIN_ALIAS_RID_RDS_MANAGEMENT_SERVERS         = 0x241
	DOMAIN_ALIAS_RID_HYPER_V_ADMINS                 = 0x242
	DOMAIN_ALIAS_RID_ACCESS_CONTROL_ASSISTANCE_OPS  = 0x243
	DOMAIN_ALIAS_RID_REMOTE_MANAGEMENT_USERS        = 0x244
	DOMAIN_ALIAS_RID_DEFAULT_ACCOUNT                = 0x245
	DOMAIN_ALIAS_RID_STORAGE_REPLICA_ADMINS         = 0x246
	DOMAIN_ALIAS_RID_DEVICE_OWNERS                  = 0x247
)

Predefined domain-relative RIDs for local groups. See https://msdn.microsoft.com/en-us/library/windows/desktop/aa379649(v=vs.85).aspx

View Source
const (
	DOMAIN_GROUP_RID_ENTERPRISE_READONLY_DOMAIN_CONTROLLERS = 0x1F2 // 498
	DOMAIN_USER_RID_ADMIN                                   = 0x1F4 // 500
	DOMAIN_USER_RID_GUEST                                   = 0x1F5
	DOMAIN_GROUP_RID_ADMINS                                 = 0x200 // 512
	DOMAIN_GROUP_RID_USERS                                  = 0x201
	DOMAIN_GROUP_RID_GUESTS                                 = 0x202
	DOMAIN_GROUP_RID_COMPUTERS                              = 0x203
	DOMAIN_GROUP_RID_CONTROLLERS                            = 0x204
	DOMAIN_GROUP_RID_CERT_ADMINS                            = 0x205
	DOMAIN_GROUP_RID_SCHEMA_ADMINS                          = 0x206
	DOMAIN_GROUP_RID_ENTERPRISE_ADMINS                      = 0x207
	DOMAIN_GROUP_RID_POLICY_ADMINS                          = 0x208
	DOMAIN_GROUP_RID_READONLY_CONTROLLERS                   = 0x209
	DOMAIN_GROUP_RID_CLONEABLE_CONTROLLERS                  = 0x20A
	DOMAIN_GROUP_RID_CDC_RESERVED                           = 0x20C
	DOMAIN_GROUP_RID_PROTECTED_USERS                        = 0x20D
	DOMAIN_GROUP_RID_KEY_ADMINS                             = 0x20E
	DOMAIN_GROUP_RID_ENTERPRISE_KEY_ADMINS                  = 0x20F
)
View Source
const (
	SECURITY_AUTHENTICATION_AUTHORITY_ASSERTED_RID       = 0x1
	SECURITY_AUTHENTICATION_SERVICE_ASSERTED_RID         = 0x2
	SECURITY_AUTHENTICATION_FRESH_KEY_AUTH_RID           = 0x3
	SECURITY_AUTHENTICATION_KEY_TRUST_RID                = 0x4
	SECURITY_AUTHENTICATION_KEY_PROPERTY_MFA_RID         = 0x5
	SECURITY_AUTHENTICATION_KEY_PROPERTY_ATTESTATION_RID = 0x6
)
View Source
const SID_MAX_SUB_AUTHORITIES = 15

Maximum sub authority values present in a SID.

Variables

View Source
var (
	SECURITY_NULL_SID_AUTHORITY         = [6]byte{0, 0, 0, 0, 0, 0}
	SECURITY_WORLD_SID_AUTHORITY        = [6]byte{0, 0, 0, 0, 0, 1}
	SECURITY_LOCAL_SID_AUTHORITY        = [6]byte{0, 0, 0, 0, 0, 2}
	SECURITY_CREATOR_SID_AUTHORITY      = [6]byte{0, 0, 0, 0, 0, 3}
	SECURITY_NON_UNIQUE_AUTHORITY       = [6]byte{0, 0, 0, 0, 0, 4}
	SECURITY_NT_AUTHORITY               = [6]byte{0, 0, 0, 0, 0, 5}
	SECURITY_APP_PACKAGE_AUTHORITY      = [6]byte{0, 0, 0, 0, 0, 15}
	SECURITY_MANDATORY_LABEL_AUTHORITY  = [6]byte{0, 0, 0, 0, 0, 16}
	SECURITY_SCOPED_POLICY_ID_AUTHORITY = [6]byte{0, 0, 0, 0, 0, 17}
	SECURITY_AUTHENTICATION_AUTHORITY   = [6]byte{0, 0, 0, 0, 0, 18}
)
View Source
var LiteralSIDRegex = regexp.MustCompile(`SID\(.*?\)`)
View Source
var StringRegex = regexp.MustCompile(`("")|(".*?[^\\]")`)

Functions

func CanonicalizeSid

func CanonicalizeSid(sidString string) (string, error)

Convert a possibly non-numeric SID to numeric SID.

func IffInt

func IffInt(condition bool, tVal, fVal int) int

func OSTranslateSID

func OSTranslateSID(SID string) (string, error)

Note that all usages of OSTranslateSID gracefully handle the error, rather than throwing the error.

func QuerySecurityObject

func QuerySecurityObject(path string, flags SECURITY_INFORMATION) ([]byte, error)

QuerySecurityObject is the equivalent of ntdll.NtQuerySecurityObject method. It fetches the binary SECURITY_DESCRIPTOR for the given file. 'flags' instructs what parts of the Security Descriptor needs to be queried. Returns a valid binary SECURITY_DESCRIPTOR_RELATIVE structure as a byte slice.

func SecurityDescriptorFromString

func SecurityDescriptorFromString(sddlString string) ([]byte, error)

SecurityDescriptorFromString converts a SDDL formatted string into a binary Security Descriptor in SECURITY_DESCRIPTOR_RELATIVE format.

func SecurityDescriptorToString

func SecurityDescriptorToString(sd []byte) (string, error)

SecurityDescriptorToString returns an SDDL format string corresponding to the passed in binary Security Descriptor in SECURITY_DESCRIPTOR_RELATIVE format.

func SetControl

func SetControl(sd []byte, controlBitsOfInterest, controlBitsToSet SECURITY_DESCRIPTOR_CONTROL) error

SetControl sets the requested control bits in the given security descriptor.

func SetSecurityObject

func SetSecurityObject(path string, flags SECURITY_INFORMATION, sd []byte) error

SetSecurityObject is the equivalent of ntdll.NtSetSecurityObject method. It sets the given SECURITY_DESCRIPTOR for the given file. flags instructs what all needs to be set. sd should be a valid binary SECURITY_DESCRIPTOR_RELATIVE structure as a byte slice.

Types

type ACCESS_ALLOWED_ACE

type ACCESS_ALLOWED_ACE struct {
	Header ACE_HEADER
	// What permissions is this ACE controlling?
	AccessMask DWORD
	// SID to which these permissions apply.
	Sid SID
}

* Single ACE (Access Check Entry). * One or more of these are contained in ACL. * The Linux equivalent struct is "struct cifs_ace".

type ACE_HEADER

type ACE_HEADER struct {
	AceType  BYTE
	AceFlags BYTE
	AceSize  WORD
}

* Header at the beginning of every ACE.

type ACL

type ACL struct {
	AclRevision BYTE
	Sbz1        BYTE
	AclSize     WORD
	AceCount    WORD
	Sbz2        WORD
}

* Binary ACL format. Used for both DACL and SACL. * The Linux equivalent struct is "struct cifs_acl".

type ACLEntry

type ACLEntry struct {
	Sections []string
}

field 5 and field 6 will contain SIDs. field 5 is a lone SID, but field 6 will contain SIDs under SID(.*)

type ACLList

type ACLList struct {
	Flags      string
	ACLEntries []ACLEntry
}

func (*ACLList) PortableString

func (a *ACLList) PortableString() string

PortableString returns a SDDL that's been ported from non-descript, well known SID strings (such as DU, DA, etc.) to domain-specific strings. This allows us to not mix up the admins from one domain to another. Azure Files requires that we do this.

func (*ACLList) String

func (a *ACLList) String() string

type AnySID

type AnySID struct {
	Revision            byte
	SubAuthorityCount   byte
	IdentifierAuthority [6]byte
	SubAuthority        []uint32
}

type BYTE

type BYTE byte

* Define some Windows type names for increased readability of various Windows structs we use here.

type DWORD

type DWORD uint32

type SDDLString

type SDDLString struct {
	OwnerSID, GroupSID string
	DACL, SACL         ACLList
}

Owner and group SIDs need replacement

func ParseSDDL

func ParseSDDL(input string) (sddl SDDLString, err error)

func (SDDLString) Compare

func (s SDDLString) Compare(other SDDLString) bool

func (*SDDLString) PortableString

func (s *SDDLString) PortableString() string

func (*SDDLString) String

func (s *SDDLString) String() string

type SECURITY_DESCRIPTOR_CONTROL

type SECURITY_DESCRIPTOR_CONTROL WORD

* This is NT Security Descriptor in "Self Relative" format. * This is returned when common.CIFS_XATTR_CIFS_NTSD xattr is queried for a file. * The Linux equivalent struct is "struct cifs_ntsd".

func GetControl

func GetControl(sd []byte) (SECURITY_DESCRIPTOR_CONTROL, error)

GetControl returns the security descriptor control bits.

type SECURITY_DESCRIPTOR_RELATIVE

type SECURITY_DESCRIPTOR_RELATIVE struct {
	// Revision number of this SECURITY_DESCRIPTOR. Must be 1.
	Revision BYTE
	// Zero byte.
	Sbz1 BYTE
	// Flag bits describing this SECURITY_DESCRIPTOR.
	Control SECURITY_DESCRIPTOR_CONTROL
	// Offset of owner sid. There's a SID structure at this offset.
	OffsetOwner DWORD
	// Offset of primary group sid. There's a SID structure at this offset.
	OffsetGroup DWORD
	// Offset of SACL. There's an ACL structure at this offset.
	OffsetSacl DWORD
	// Offset of DACL. There's an ACL structure at this offset.
	OffsetDacl DWORD
	// 0 or more bytes (depending on the various offsets above) follow this structure.
	Data [0]BYTE
}

type SECURITY_INFORMATION

type SECURITY_INFORMATION uint32

type SID

type SID struct {
	Revision BYTE
	// How many DWORD SubAuthority values? Cannot be 0, max possible value is SID_MAX_SUB_AUTHORITIES.
	SubAuthorityCount BYTE
	// IdentifierAuthority is in big endian format.
	IdentifierAuthority [6]BYTE
	// SubAuthorityCount SubAuthority DWORDs.
	SubAuthority [1]DWORD
}

* SID structure. * The Linux equivalent struct is "struct cifs_sid".

type WORD

type WORD uint16

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL