Cleanup SID initialization and fill all SeExports fields.
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
Modified: trunk/reactos/ntoskrnl/se/priv.c
Modified: trunk/reactos/ntoskrnl/se/semgr.c
Modified: trunk/reactos/ntoskrnl/se/sid.c
_____
Modified: trunk/reactos/ntoskrnl/include/internal/se.h
--- trunk/reactos/ntoskrnl/include/internal/se.h 2005-08-01
08:58:15 UTC (rev 16935)
+++ trunk/reactos/ntoskrnl/include/internal/se.h 2005-08-01
09:05:20 UTC (rev 16936)
@@ -37,6 +37,9 @@
extern PSID SeAliasSystemOpsSid;
extern PSID SeAliasPrintOpsSid;
extern PSID SeAliasBackupOpsSid;
+extern PSID SeAuthenticatedUsersSid;
+extern PSID SeRestrictedSid;
+extern PSID SeAnonymousLogonSid;
/* Privileges */
extern LUID SeCreateTokenPrivilege;
@@ -62,6 +65,9 @@
extern LUID SeSystemEnvironmentPrivilege;
extern LUID SeChangeNotifyPrivilege;
extern LUID SeRemoteShutdownPrivilege;
+extern LUID SeUndockPrivilege;
+extern LUID SeSyncAgentPrivilege;
+extern LUID SeEnableDelegationPrivilege;
/* DACLs */
extern PACL SePublicDefaultUnrestrictedDacl;
_____
Modified: trunk/reactos/ntoskrnl/se/priv.c
--- trunk/reactos/ntoskrnl/se/priv.c 2005-08-01 08:58:15 UTC (rev
16935)
+++ trunk/reactos/ntoskrnl/se/priv.c 2005-08-01 09:05:20 UTC (rev
16936)
@@ -40,6 +40,9 @@
LUID SeSystemEnvironmentPrivilege;
LUID SeChangeNotifyPrivilege;
LUID SeRemoteShutdownPrivilege;
+LUID SeUndockPrivilege;
+LUID SeSyncAgentPrivilege;
+LUID SeEnableDelegationPrivilege;
/* FUNCTIONS
***************************************************************/
@@ -93,6 +96,12 @@
SeChangeNotifyPrivilege.HighPart = 0;
SeRemoteShutdownPrivilege.LowPart = SE_REMOTE_SHUTDOWN_PRIVILEGE;
SeRemoteShutdownPrivilege.HighPart = 0;
+ SeUndockPrivilege.LowPart = SE_UNDOCK_PRIVILEGE;
+ SeUndockPrivilege.HighPart = 0;
+ SeSyncAgentPrivilege.LowPart = SE_SYNC_AGENT_PRIVILEGE;
+ SeSyncAgentPrivilege.HighPart = 0;
+ SeEnableDelegationPrivilege.LowPart = SE_ENABLE_DELEGATION_PRIVILEGE;
+ SeEnableDelegationPrivilege.HighPart = 0;
}
_____
Modified: trunk/reactos/ntoskrnl/se/semgr.c
--- trunk/reactos/ntoskrnl/se/semgr.c 2005-08-01 08:58:15 UTC (rev
16935)
+++ trunk/reactos/ntoskrnl/se/semgr.c 2005-08-01 09:05:20 UTC (rev
16936)
@@ -165,7 +165,14 @@
SepExports.SeAliasSystemOpsSid = SeAliasSystemOpsSid;
SepExports.SeAliasPrintOpsSid = SeAliasPrintOpsSid;
SepExports.SeAliasBackupOpsSid = SeAliasBackupOpsSid;
+ SepExports.SeAuthenticatedUsersSid = SeAuthenticatedUsersSid;
+ SepExports.SeRestrictedSid = SeRestrictedSid;
+ SepExports.SeAnonymousLogonSid = SeAnonymousLogonSid;
+ SepExports.SeUndockPrivilege = SeUndockPrivilege;
+ SepExports.SeSyncAgentPrivilege = SeSyncAgentPrivilege;
+ SepExports.SeEnableDelegationPrivilege = SeEnableDelegationPrivilege;
+
SeExports = &SepExports;
return TRUE;
}
_____
Modified: trunk/reactos/ntoskrnl/se/sid.c
--- trunk/reactos/ntoskrnl/se/sid.c 2005-08-01 08:58:15 UTC (rev
16935)
+++ trunk/reactos/ntoskrnl/se/sid.c 2005-08-01 09:05:20 UTC (rev
16936)
@@ -36,7 +36,6 @@
PSID SeBatchSid = NULL;
PSID SeInteractiveSid = NULL;
PSID SeServiceSid = NULL;
-PSID SeAnonymousLogonSid = NULL;
PSID SePrincipalSelfSid = NULL;
PSID SeLocalSystemSid = NULL;
PSID SeAuthenticatedUserSid = NULL;
@@ -49,6 +48,9 @@
PSID SeAliasSystemOpsSid = NULL;
PSID SeAliasPrintOpsSid = NULL;
PSID SeAliasBackupOpsSid = NULL;
+PSID SeAuthenticatedUsersSid = NULL;
+PSID SeRestrictedSid = NULL;
+PSID SeAnonymousLogonSid = NULL;
/* FUNCTIONS
****************************************************************/
@@ -67,398 +69,153 @@
SidLength2 = RtlLengthRequiredSid(2);
/* create NullSid */
- SeNullSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeNullSid == NULL)
+ SeNullSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SeWorldSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SeLocalSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool,
SidLength1, TAG_SID);
+ SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool,
SidLength1, TAG_SID);
+ SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool, SidLength0,
TAG_SID);
+ SeDialupSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SeNetworkSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SeBatchSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SeInteractiveSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeServiceSid = ExAllocatePoolWithTag(PagedPool, SidLength1, TAG_SID);
+ SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool, SidLength2,
TAG_SID);
+ SeAuthenticatedUsersSid = ExAllocatePoolWithTag(PagedPool,
SidLength1, TAG_SID);
+ SeRestrictedSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+ SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool, SidLength1,
TAG_SID);
+
+ if (SeNullSid == NULL || SeNullSid == NULL || SeWorldSid == NULL ||
+ SeLocalSid == NULL || SeCreatorOwnerSid == NULL ||
+ SeCreatorGroupSid == NULL || SeCreatorOwnerServerSid == NULL ||
+ SeCreatorGroupServerSid == NULL || SeNtAuthoritySid == NULL ||
+ SeDialupSid == NULL || SeNetworkSid == NULL || SeBatchSid == NULL
||
+ SeInteractiveSid == NULL || SeServiceSid == NULL ||
+ SePrincipalSelfSid == NULL || SeLocalSystemSid == NULL ||
+ SeAuthenticatedUserSid == NULL || SeRestrictedCodeSid == NULL ||
+ SeAliasAdminsSid == NULL || SeAliasUsersSid == NULL ||
+ SeAliasGuestsSid == NULL || SeAliasPowerUsersSid == NULL ||
+ SeAliasAccountOpsSid == NULL || SeAliasSystemOpsSid == NULL ||
+ SeAliasPrintOpsSid == NULL || SeAliasBackupOpsSid == NULL ||
+ SeAuthenticatedUsersSid == NULL || SeRestrictedSid == NULL ||
+ SeAnonymousLogonSid == NULL)
+ {
+ /* FIXME: We're leaking memory here. */
return(FALSE);
+ }
- RtlInitializeSid(SeNullSid,
- &SeNullSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeNullSid,
- 0);
- *SubAuthority = SECURITY_NULL_RID;
+ RtlInitializeSid(SeNullSid, &SeNullSidAuthority, 1);
+ RtlInitializeSid(SeWorldSid, &SeWorldSidAuthority, 1);
+ RtlInitializeSid(SeLocalSid, &SeLocalSidAuthority, 1);
+ RtlInitializeSid(SeCreatorOwnerSid, &SeCreatorSidAuthority, 1);
+ RtlInitializeSid(SeCreatorGroupSid, &SeCreatorSidAuthority, 1);
+ RtlInitializeSid(SeCreatorOwnerServerSid, &SeCreatorSidAuthority, 1);
+ RtlInitializeSid(SeCreatorGroupServerSid, &SeCreatorSidAuthority, 1);
+ RtlInitializeSid(SeNtAuthoritySid, &SeNtSidAuthority, 0);
+ RtlInitializeSid(SeDialupSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeNetworkSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeBatchSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeInteractiveSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeServiceSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SePrincipalSelfSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeLocalSystemSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeAuthenticatedUserSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeRestrictedCodeSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeAliasAdminsSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasUsersSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasGuestsSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasPowerUsersSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasAccountOpsSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasSystemOpsSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasPrintOpsSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAliasBackupOpsSid, &SeNtSidAuthority, 2);
+ RtlInitializeSid(SeAuthenticatedUsersSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeRestrictedSid, &SeNtSidAuthority, 1);
+ RtlInitializeSid(SeAnonymousLogonSid, &SeNtSidAuthority, 1);
- /* create WorldSid */
- SeWorldSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeWorldSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeWorldSid,
- &SeWorldSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeWorldSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeNullSid, 0);
+ *SubAuthority = SECURITY_NULL_RID;
+ SubAuthority = RtlSubAuthoritySid(SeWorldSid, 0);
*SubAuthority = SECURITY_WORLD_RID;
-
- /* create LocalSid */
- SeLocalSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeLocalSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeLocalSid,
- &SeLocalSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeLocalSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeLocalSid, 0);
*SubAuthority = SECURITY_LOCAL_RID;
-
- /* create CreatorOwnerSid */
- SeCreatorOwnerSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeCreatorOwnerSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeCreatorOwnerSid,
- &SeCreatorSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerSid, 0);
*SubAuthority = SECURITY_CREATOR_OWNER_RID;
-
- /* create CreatorGroupSid */
- SeCreatorGroupSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeCreatorGroupSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeCreatorGroupSid,
- &SeCreatorSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeCreatorGroupSid, 0);
*SubAuthority = SECURITY_CREATOR_GROUP_RID;
-
- /* create CreatorOwnerServerSid */
- SeCreatorOwnerServerSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeCreatorOwnerServerSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeCreatorOwnerServerSid,
- &SeCreatorSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeCreatorOwnerServerSid, 0);
*SubAuthority = SECURITY_CREATOR_OWNER_SERVER_RID;
-
- /* create CreatorGroupServerSid */
- SeCreatorGroupServerSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeCreatorGroupServerSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeCreatorGroupServerSid,
- &SeCreatorSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeCreatorGroupServerSid, 0);
*SubAuthority = SECURITY_CREATOR_GROUP_SERVER_RID;
-
-
- /* create NtAuthoritySid */
- SeNtAuthoritySid = ExAllocatePoolWithTag(PagedPool,
- SidLength0,
- TAG_SID);
- if (SeNtAuthoritySid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeNtAuthoritySid,
- &SeNtSidAuthority,
- 0);
-
- /* create DialupSid */
- SeDialupSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeDialupSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeDialupSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeDialupSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeDialupSid, 0);
*SubAuthority = SECURITY_DIALUP_RID;
-
- /* create NetworkSid */
- SeNetworkSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeNetworkSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeNetworkSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeNetworkSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeNetworkSid, 0);
*SubAuthority = SECURITY_NETWORK_RID;
-
- /* create BatchSid */
- SeBatchSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeBatchSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeBatchSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeBatchSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeBatchSid, 0);
*SubAuthority = SECURITY_BATCH_RID;
-
- /* create InteractiveSid */
- SeInteractiveSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeInteractiveSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeInteractiveSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeInteractiveSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeInteractiveSid, 0);
*SubAuthority = SECURITY_INTERACTIVE_RID;
-
- /* create ServiceSid */
- SeServiceSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeServiceSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeServiceSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeServiceSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeServiceSid, 0);
*SubAuthority = SECURITY_SERVICE_RID;
-
- /* create AnonymousLogonSid */
- SeAnonymousLogonSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeAnonymousLogonSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAnonymousLogonSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid,
- 0);
- *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
-
- /* create PrincipalSelfSid */
- SePrincipalSelfSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SePrincipalSelfSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SePrincipalSelfSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SePrincipalSelfSid, 0);
*SubAuthority = SECURITY_PRINCIPAL_SELF_RID;
-
- /* create LocalSystemSid */
- SeLocalSystemSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeLocalSystemSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeLocalSystemSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeLocalSystemSid, 0);
*SubAuthority = SECURITY_LOCAL_SYSTEM_RID;
-
- /* create AuthenticatedUserSid */
- SeAuthenticatedUserSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeAuthenticatedUserSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAuthenticatedUserSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUserSid, 0);
*SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
-
- /* create RestrictedCodeSid */
- SeRestrictedCodeSid = ExAllocatePoolWithTag(PagedPool,
- SidLength1,
- TAG_SID);
- if (SeRestrictedCodeSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeRestrictedCodeSid,
- &SeNtSidAuthority,
- 1);
- SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeRestrictedCodeSid, 0);
*SubAuthority = SECURITY_RESTRICTED_CODE_RID;
-
- /* create AliasAdminsSid */
- SeAliasAdminsSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasAdminsSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasAdminsSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasAdminsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_ADMINS;
-
- /* create AliasUsersSid */
- SeAliasUsersSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasUsersSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasUsersSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasUsersSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_USERS;
-
- /* create AliasGuestsSid */
- SeAliasGuestsSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasGuestsSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasGuestsSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasGuestsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_GUESTS;
-
- /* create AliasPowerUsersSid */
- SeAliasPowerUsersSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasPowerUsersSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasPowerUsersSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasPowerUsersSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_POWER_USERS;
-
- /* create AliasAccountOpsSid */
- SeAliasAccountOpsSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasAccountOpsSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasAccountOpsSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasAccountOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_ACCOUNT_OPS;
-
- /* create AliasSystemOpsSid */
- SeAliasSystemOpsSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasSystemOpsSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasSystemOpsSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasSystemOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_SYSTEM_OPS;
-
- /* create AliasPrintOpsSid */
- SeAliasPrintOpsSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasPrintOpsSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasPrintOpsSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasPrintOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_PRINT_OPS;
-
- /* create AliasBackupOpsSid */
- SeAliasBackupOpsSid = ExAllocatePoolWithTag(PagedPool,
- SidLength2,
- TAG_SID);
- if (SeAliasBackupOpsSid == NULL)
- return(FALSE);
-
- RtlInitializeSid(SeAliasBackupOpsSid,
- &SeNtSidAuthority,
- 2);
- SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid,
- 0);
+ SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 0);
*SubAuthority = SECURITY_BUILTIN_DOMAIN_RID;
-
- SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid,
- 1);
+ SubAuthority = RtlSubAuthoritySid(SeAliasBackupOpsSid, 1);
*SubAuthority = DOMAIN_ALIAS_RID_BACKUP_OPS;
+ SubAuthority = RtlSubAuthoritySid(SeAuthenticatedUsersSid, 0);
+ *SubAuthority = SECURITY_AUTHENTICATED_USER_RID;
+ SubAuthority = RtlSubAuthoritySid(SeRestrictedSid, 0);
+ *SubAuthority = SECURITY_RESTRICTED_CODE_RID;
+ SubAuthority = RtlSubAuthoritySid(SeAnonymousLogonSid, 0);
+ *SubAuthority = SECURITY_ANONYMOUS_LOGON_RID;
return(TRUE);
}