Hi folks
Based on my knowledge and some docs I used to read ages ago, plus some recent
googling, I kinda recreated the function GetSiteSidFromToken from advapi32.dll,
as it was missing there, and I couldn't start the w2k taskmgr because of that. Of
course a simple stub returning NULL should be sufficient, but I gave it a shot
and tried to implement it fresh and fully functional.
First, I am not sure of a few things there. And if someone is more knowledgeable
than I am, please let me know your thoughts.
As far as I know the function returns a pointer to a SID from the token. But there's
more than one token. So it returns the token that has the "SITE" SID. Now, there were
quite a few SIDs missing in ROS; I tried to add them, mainly guessing their
names based on some googling. Some docs on MSDN say that they are all defined
in ntseapi.h, but I couldn't find that file anywhere. For more details
look up attachment 1043 and the corresponding bug.
The function is quite simple: it iterates through all SIDs, trying to match the
one with the "SITE" authority. The question now arises: what if there's more than
one such SID? Does ROS use SIDs 1-6 to 1-8 at all? Is
SECURITY_INTERNETSITE_AUTHORITY the SITE authority, or perhaps
SECURITY_SITESERVER_AUTHORITY? I don't know.
I will try to write some simple code that would ask the original function from the original
dll about it, and see what it comes up with.
The first part of the code comes as a simple c&p from other functions. The iteration
is quite obvious. I didn't know what I should use to compare SIDs, so I used
memcmp. But perhaps simply comparing the values in the table one by one would be
simpler, or maybe there's some sort of ROSish/NTish specific function that is
more "right" than memcmp.
Another question I have: is it normal practice that you alloc extra RAM and
return a pointer to the copy (as seems to be done in other places in your code), or should
I just simply return a pointer to the SID?
I do appreciate any comment. The patch is attached.
If someone has the ntseapi.h file anywhere on their discs, I would like you to
verify the SECURITY_*_AUTHORITY names as well as the values. I spent the whole day
gathering info, and I used all the info I could find.
Sorry for such a long letter. Much too long, I suppose.
This is my first attempt to hack anything for ROS. I promise next time I will
try to take care of something more obvious and better documented.
Till then, ta.
--
GJ
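A portable sketch of the lookup loop the post describes, added here as an example and not part of the post or its attached patch: it mirrors the NT SID layout, searches a constructed group list for the first SID under a given identifier authority, and compares two SIDs by their actual length (as EqualSid/RtlEqualSid do) rather than a fixed-size memcmp. The group list and the authority values 6 and 7 (S-1-6, S-1-7) are constructed sample data; which of them is the "SITE" authority is left open, as in the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Minimal mirror of the NT SID layout: revision, sub-authority count,
 * a 6-byte big-endian identifier authority, then the sub-authorities.
 * Eight slots are reserved here so the sample SIDs can be static. */
typedef struct {
    uint8_t  Revision;
    uint8_t  SubAuthorityCount;
    uint8_t  IdentifierAuthority[6];
    uint32_t SubAuthority[8];
} SID;

/* Size in bytes of the SID as it sits in memory (like GetLengthSid). */
static size_t sid_length(const SID *s) {
    return 8 + 4 * (size_t)s->SubAuthorityCount;
}

/* Equality over the bytes that are actually part of each SID. A memcmp
 * over sizeof(SID) would also compare unused slots and would overread a
 * SID that was allocated with exactly sid_length() bytes. */
static int sid_equal(const SID *a, const SID *b) {
    if (a->Revision != b->Revision ||
        a->SubAuthorityCount != b->SubAuthorityCount)
        return 0;
    return memcmp(a, b, sid_length(a)) == 0;
}

/* Identifier authority as a 48-bit integer (bytes are big-endian). */
static uint64_t sid_authority(const SID *s) {
    uint64_t v = 0;
    for (int i = 0; i < 6; i++) v = (v << 8) | s->IdentifierAuthority[i];
    return v;
}

/* The loop from the post: first SID under `authority`, NULL if none.
 * If several match, only the first in token order is returned. */
static const SID *find_sid_by_authority(const SID *const *groups, size_t n,
                                        uint64_t authority) {
    for (size_t i = 0; i < n; i++)
        if (sid_authority(groups[i]) == authority) return groups[i];
    return NULL;
}

/* Constructed sample group list: S-1-5-32-545, S-1-7-3 and S-1-6-9. */
static const SID g_users = {1, 2, {0, 0, 0, 0, 0, 5}, {32, 545}};
static const SID g_site7 = {1, 1, {0, 0, 0, 0, 0, 7}, {3}};
static const SID g_site6 = {1, 1, {0, 0, 0, 0, 0, 6}, {9}};
static const SID *const g_groups[] = {&g_users, &g_site7, &g_site6};

/* First sub-authority of the matched SID, 0 when nothing matched. */
static uint32_t first_subauthority_under(uint64_t authority) {
    const SID *s = find_sid_by_authority(g_groups, 3, authority);
    return s ? s->SubAuthority[0] : 0;
}
```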