2
Unix SMB/CIFS implementation.
3
SMB parameters and setup
4
Copyright (C) Andrew Tridgell 1992-2000
5
Copyright (C) Luke Kenneth Casson Leighton 1996-2000
7
This program is free software; you can redistribute it and/or modify
8
it under the terms of the GNU General Public License as published by
9
the Free Software Foundation; either version 3 of the License, or
10
(at your option) any later version.
12
This program is distributed in the hope that it will be useful,
13
but WITHOUT ANY WARRANTY; without even the implied warranty of
14
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
GNU General Public License for more details.
17
You should have received a copy of the GNU General Public License
18
along with this program. If not, see <http://www.gnu.org/licenses/>.
21
#ifndef _RPC_SECDES_H /* _RPC_SECDES_H */
25
#define SEC_RIGHTS_LIST_CONTENTS 0x4
26
#define SEC_RIGHTS_LIST_OBJECT 0x80
27
#define SEC_RIGHTS_READ_ALL_PROP 0x10
28
#define SEC_RIGHTS_READ_PERMS 0x20000
29
#define SEC_RIGHTS_WRITE_ALL_VALID 0x8
30
#define SEC_RIGHTS_WRITE_ALL_PROP 0x20
31
#define SEC_RIGHTS_MODIFY_OWNER 0x80000
32
#define SEC_RIGHTS_MODIFY_PERMS 0x40000
33
#define SEC_RIGHTS_CREATE_CHILD 0x1
34
#define SEC_RIGHTS_DELETE_CHILD 0x2
35
#define SEC_RIGHTS_DELETE_SUBTREE 0x40
36
#define SEC_RIGHTS_DELETE 0x10000 /* advanced/special/object/delete */
37
#define SEC_RIGHTS_EXTENDED 0x100 /* change/reset password, receive/send as*/
38
#define SEC_RIGHTS_CHANGE_PASSWD SEC_RIGHTS_EXTENDED
39
#define SEC_RIGHTS_RESET_PASSWD SEC_RIGHTS_EXTENDED
40
#define SEC_RIGHTS_FULL_CTRL 0xf01ff
43
* New Windows 2000 bits.
45
#define SE_DESC_DACL_AUTO_INHERIT_REQ 0x0100
46
#define SE_DESC_SACL_AUTO_INHERIT_REQ 0x0200
47
#define SE_DESC_DACL_AUTO_INHERITED 0x0400
48
#define SE_DESC_SACL_AUTO_INHERITED 0x0800
49
#define SE_DESC_DACL_PROTECTED 0x1000
50
#define SE_DESC_SACL_PROTECTED 0x2000
52
/* security information */
53
#define OWNER_SECURITY_INFORMATION 0x00000001
54
#define GROUP_SECURITY_INFORMATION 0x00000002
55
#define DACL_SECURITY_INFORMATION 0x00000004
56
#define SACL_SECURITY_INFORMATION 0x00000008
57
/* Extra W2K flags. */
58
#define UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000
59
#define UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000
60
#define PROTECTED_SACL_SECURITY_INFORMATION 0x40000000
61
#define PROTECTED_DACL_SECURITY_INFORMATION 0x80000000
63
#define ALL_SECURITY_INFORMATION (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|\
64
DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION|\
65
UNPROTECTED_SACL_SECURITY_INFORMATION|\
66
UNPROTECTED_DACL_SECURITY_INFORMATION|\
67
PROTECTED_SACL_SECURITY_INFORMATION|\
68
PROTECTED_DACL_SECURITY_INFORMATION)
71
typedef struct security_ace SEC_ACE;
74
#define ACL_REVISION 0x3
79
typedef struct security_acl SEC_ACL;
83
#ifndef SEC_DESC_REVISION
84
#define SEC_DESC_REVISION 0x1
89
typedef struct security_descriptor SEC_DESC;
90
#define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32))
96
typedef struct sec_desc_buf SEC_DESC_BUF;
100
/* A type to describe the mapping of generic access rights to object
101
specific access rights. */
103
struct generic_mapping {
105
uint32 generic_write;
106
uint32 generic_execute;
110
struct standard_mapping {
118
/* Security Access Masks Rights */
120
#define SPECIFIC_RIGHTS_MASK 0x0000FFFF
121
#define STANDARD_RIGHTS_MASK 0x00FF0000
122
#define GENERIC_RIGHTS_MASK 0xF0000000
124
/* Generic access rights */
126
#define GENERIC_RIGHT_ALL_ACCESS 0x10000000
127
#define GENERIC_RIGHT_EXECUTE_ACCESS 0x20000000
128
#define GENERIC_RIGHT_WRITE_ACCESS 0x40000000
129
#define GENERIC_RIGHT_READ_ACCESS 0x80000000
131
/* Standard access rights. */
133
#define STD_RIGHT_DELETE_ACCESS 0x00010000
134
#define STD_RIGHT_READ_CONTROL_ACCESS 0x00020000
135
#define STD_RIGHT_WRITE_DAC_ACCESS 0x00040000
136
#define STD_RIGHT_WRITE_OWNER_ACCESS 0x00080000
137
#define STD_RIGHT_SYNCHRONIZE_ACCESS 0x00100000
139
#define STD_RIGHT_ALL_ACCESS 0x001F0000
141
/* File Object specific access rights */
143
#define SA_RIGHT_FILE_READ_DATA 0x00000001
144
#define SA_RIGHT_FILE_WRITE_DATA 0x00000002
145
#define SA_RIGHT_FILE_APPEND_DATA 0x00000004
146
#define SA_RIGHT_FILE_READ_EA 0x00000008
147
#define SA_RIGHT_FILE_WRITE_EA 0x00000010
148
#define SA_RIGHT_FILE_EXECUTE 0x00000020
149
#define SA_RIGHT_FILE_DELETE_CHILD 0x00000040
150
#define SA_RIGHT_FILE_READ_ATTRIBUTES 0x00000080
151
#define SA_RIGHT_FILE_WRITE_ATTRIBUTES 0x00000100
153
#define SA_RIGHT_FILE_ALL_ACCESS 0x000001FF
155
#define GENERIC_RIGHTS_FILE_ALL_ACCESS \
156
(STANDARD_RIGHTS_REQUIRED_ACCESS| \
157
STD_RIGHT_SYNCHRONIZE_ACCESS | \
158
SA_RIGHT_FILE_ALL_ACCESS)
160
#define GENERIC_RIGHTS_FILE_READ \
161
(STANDARD_RIGHTS_READ_ACCESS | \
162
STD_RIGHT_SYNCHRONIZE_ACCESS | \
163
SA_RIGHT_FILE_READ_DATA | \
164
SA_RIGHT_FILE_READ_ATTRIBUTES | \
165
SA_RIGHT_FILE_READ_EA)
167
#define GENERIC_RIGHTS_FILE_WRITE \
168
(STANDARD_RIGHTS_WRITE_ACCESS | \
169
STD_RIGHT_SYNCHRONIZE_ACCESS | \
170
SA_RIGHT_FILE_WRITE_DATA | \
171
SA_RIGHT_FILE_WRITE_ATTRIBUTES | \
172
SA_RIGHT_FILE_WRITE_EA | \
173
SA_RIGHT_FILE_APPEND_DATA)
175
#define GENERIC_RIGHTS_FILE_EXECUTE \
176
(STANDARD_RIGHTS_EXECUTE_ACCESS | \
177
STD_RIGHT_SYNCHRONIZE_ACCESS | \
178
SA_RIGHT_FILE_READ_ATTRIBUTES | \
179
SA_RIGHT_FILE_EXECUTE)
181
#define GENERIC_RIGHTS_FILE_MODIFY \
182
(STANDARD_RIGHTS_MODIFY_ACCESS | \
183
STD_RIGHT_SYNCHRONIZE_ACCESS | \
184
STD_RIGHT_DELETE_ACCESS | \
185
SA_RIGHT_FILE_WRITE_ATTRIBUTES | \
186
SA_RIGHT_FILE_READ_ATTRIBUTES | \
187
SA_RIGHT_FILE_EXECUTE | \
188
SA_RIGHT_FILE_WRITE_EA | \
189
SA_RIGHT_FILE_READ_EA | \
190
SA_RIGHT_FILE_APPEND_DATA | \
191
SA_RIGHT_FILE_WRITE_DATA | \
192
SA_RIGHT_FILE_READ_DATA)
194
#endif /* _RPC_SECDES_H */