Windows2003-3790/drivers/storage/newft/espprot.cxx

extern "C" {
#include <ntosp.h>
#include <zwapi.h>
}
#include <ftdisk.h>
/*++

Routine Description:

    Replaces the DACL on the named partition object (ESP -- presumably the
    EFI System Partition; confirm against callers) with a fixed three-entry
    allow list:

        World (Everyone)  FILE_READ_ATTRIBUTES | SYNCHRONIZE | READ_CONTROL
        LocalSystem       GENERIC_ALL
        Administrators    GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE |
                          READ_CONTROL

    Only the DACL is written (DACL_SECURITY_INFORMATION); owner, group and
    SACL are not passed to ZwSetSecurityObject.

Arguments:

    PartitionName   - Object name of the partition to open and protect.

Return Value:

    STATUS_INSUFFICIENT_RESOURCES if the ACL buffer cannot be allocated;
    otherwise the status of the first call that fails, or the status of
    ZwSetSecurityObject.

--*/
NTSTATUS
FtpApplyESPProtection(
    IN  PUNICODE_STRING PartitionName
    )
{
    ULONG               aclBytes;
    PACL                dacl;
    NTSTATUS            status;
    SECURITY_DESCRIPTOR descriptor;
    OBJECT_ATTRIBUTES   attributes;
    HANDLE              partition;
    IO_STATUS_BLOCK     iosb;

    // Room for the ACL header, three allow ACEs and the three SIDs they
    // carry, plus 8 spare bytes of slack.
    aclBytes = sizeof(ACL) + 3*sizeof(ACCESS_ALLOWED_ACE) +
               RtlLengthSid(SeExports->SeLocalSystemSid) +
               RtlLengthSid(SeExports->SeAliasAdminsSid) +
               RtlLengthSid(SeExports->SeWorldSid) +
               8;

    dacl = (PACL) ExAllocatePool(PagedPool, aclBytes);
    if (dacl == NULL) {
        return STATUS_INSUFFICIENT_RESOURCES;
    }

    // From here on every exit path goes through Cleanup so that the pool
    // block is released exactly once.
    status = RtlCreateAcl(dacl, aclBytes, ACL_REVISION2);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    // Everyone: may query attributes and read the security descriptor,
    // nothing that reads or writes partition data.
    status = RtlAddAccessAllowedAce(dacl, ACL_REVISION2,
                                    FILE_READ_ATTRIBUTES | SYNCHRONIZE |
                                    READ_CONTROL,
                                    SeExports->SeWorldSid);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    // LocalSystem: full control.
    status = RtlAddAccessAllowedAce(dacl, ACL_REVISION2, GENERIC_ALL,
                                    SeExports->SeLocalSystemSid);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    // Administrators: generic read/write/execute plus READ_CONTROL, which
    // is deliberately narrower than the GENERIC_ALL granted to LocalSystem.
    status = RtlAddAccessAllowedAce(dacl, ACL_REVISION2,
                                    GENERIC_READ | GENERIC_WRITE |
                                    GENERIC_EXECUTE | READ_CONTROL,
                                    SeExports->SeAliasAdminsSid);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    status = RtlCreateSecurityDescriptor(&descriptor,
                                         SECURITY_DESCRIPTOR_REVISION);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    // DaclPresent = TRUE, DaclDefaulted = FALSE: the DACL is marked as
    // explicitly supplied rather than as a default.
    status = RtlSetDaclSecurityDescriptor(&descriptor, TRUE, dacl, FALSE);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    // OBJ_KERNEL_HANDLE keeps the handle usable only from kernel mode.
    // NOTE(review): the open is a kernel-mode Zw call without
    // OBJ_FORCE_ACCESS_CHECK, so it is presumably not access-checked
    // against the original requestor -- confirm that PartitionName is only
    // ever built by the driver itself.
    InitializeObjectAttributes(&attributes, PartitionName,
                               OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
                               NULL, NULL);

    // WRITE_DAC is the only access requested; it is all that is needed to
    // replace the DACL.
    status = ZwOpenFile(&partition, WRITE_DAC, &attributes, &iosb,
                        FILE_SHARE_READ | FILE_SHARE_WRITE |
                        FILE_SHARE_DELETE,
                        FILE_SYNCHRONOUS_IO_ALERT);
    if (!NT_SUCCESS(status)) {
        goto Cleanup;
    }

    // The status of the set operation is what the caller receives; the
    // result of ZwClose is not examined.
    status = ZwSetSecurityObject(partition, DACL_SECURITY_INFORMATION,
                                 &descriptor);
    ZwClose(partition);

Cleanup:
    ExFreePool(dacl);
    return status;
}