2 * security_descriptor.h - declarations for Windows security descriptor format
4 * The following copying information applies to this specific source code file:
6 * Written in 2013-2015 by Eric Biggers <ebiggers3@gmail.com>
8 * To the extent possible under law, the author(s) have dedicated all copyright
9 * and related and neighboring rights to this software to the public domain
10 * worldwide via the Creative Commons Zero 1.0 Universal Public Domain
11 * Dedication (the "CC0").
13 * This software is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the CC0 for more details.
17 * You should have received a copy of the CC0 along with this software; if not
18 * see <http://creativecommons.org/publicdomain/zero/1.0/>.
21 #ifndef _WIMLIB_SECURITY_DESCRIPTOR_H
22 #define _WIMLIB_SECURITY_DESCRIPTOR_H
24 #include "wimlib/compiler.h"
25 #include "wimlib/types.h"
27 /* Note: the data types in this header are prefixed with wimlib_ to avoid
28 * conflicts with the same types being defined in the libntfs-3g headers. */
30 /* Windows NT security descriptor, in self-relative format */
32 /* Security descriptor revision; should be 1 */
38 /* Bitwise OR of flags defined below, such as SE_DACL_PRESENT */
41 /* Offset of owenr SID structure in the security descriptor */
44 /* Offset of group SID structure in the security descriptor */
47 /* Offset of System Access Control List (SACL) in security descriptor,
48 * or 0 if no SACL is present */
51 /* Offset of Discretionary Access Control List (DACL) in security
52 * descriptor, or 0 if no DACL is present */
54 } _packed_attribute wimlib_SECURITY_DESCRIPTOR_RELATIVE;
56 #define wimlib_SE_OWNER_DEFAULTED 0x0001
57 #define wimlib_SE_GROUP_DEFAULTED 0x0002
58 #define wimlib_SE_DACL_PRESENT 0x0004
59 #define wimlib_SE_DACL_DEFAULTED 0x0008
60 #define wimlib_SE_SACL_PRESENT 0x0010
61 #define wimlib_SE_SACL_DEFAULTED 0x0020
62 #define wimlib_SE_DACL_AUTO_INHERIT_REQ 0x0100
63 #define wimlib_SE_SACL_AUTO_INHERIT_REQ 0x0200
64 #define wimlib_SE_DACL_AUTO_INHERITED 0x0400
65 #define wimlib_SE_SACL_AUTO_INHERITED 0x0800
66 #define wimlib_SE_DACL_PROTECTED 0x1000
67 #define wimlib_SE_SACL_PROTECTED 0x2000
68 #define wimlib_SE_RM_CONTROL_VALID 0x4000
69 #define wimlib_SE_SELF_RELATIVE 0x8000
71 /* Windows NT security identifier (user or group) */
75 u8 sub_authority_count;
77 /* Identifies the authority that issued the SID */
78 u8 identifier_authority[6];
81 } _packed_attribute wimlib_SID;
83 /* Header of a Windows NT access control list */
85 /* ACL_REVISION or ACL_REVISION_DS */
91 /* Total size of the ACL, including all access control entries */
94 /* Number of access control entry structures that follow the ACL
100 } _packed_attribute wimlib_ACL;
102 #define wimlib_ACCESS_ALLOWED_ACE_TYPE 0
103 #define wimlib_ACCESS_DENIED_ACE_TYPE 1
104 #define wimlib_SYSTEM_AUDIT_ACE_TYPE 2
106 /* Header of a Windows NT access control entry */
111 /* Bitwise OR of inherit ACE flags */
114 /* Size of the access control entry, including this header */
116 } _packed_attribute wimlib_ACE_HEADER;
118 /* Windows NT access control entry to grant rights to a user or group */
120 wimlib_ACE_HEADER hdr;
123 } _packed_attribute wimlib_ACCESS_ALLOWED_ACE;
125 /* Windows NT access control entry to deny rights to a user or group */
127 wimlib_ACE_HEADER hdr;
130 } _packed_attribute wimlib_ACCESS_DENIED_ACE;
132 /* Windows NT access control entry to audit access to the object */
134 wimlib_ACE_HEADER hdr;
137 } _packed_attribute wimlib_SYSTEM_AUDIT_ACE;
139 #endif /* _WIMLIB_SECURITY_DESCRIPTOR_H */