2 * security_descriptor.h
4 * The author dedicates this file to the public domain.
5 * You can do whatever you want with this file.
8 #ifndef _WIMLIB_SECURITY_DESCRIPTOR_H
9 #define _WIMLIB_SECURITY_DESCRIPTOR_H
11 #include "wimlib/compiler.h"
12 #include "wimlib/types.h"
14 /* Note: the data types in this header are prefixed with wimlib_ to avoid
15 * conflicts with the same types being defined in the libntfs-3g headers. */
17 /* Windows NT security descriptor, in self-relative format */
19 /* Security descriptor revision; should be 1 */
25 /* Bitwise OR of flags defined below, such as SE_DACL_PRESENT */
28 /* Offset of owenr SID structure in the security descriptor */
31 /* Offset of group SID structure in the security descriptor */
34 /* Offset of System Access Control List (SACL) in security descriptor,
35 * or 0 if no SACL is present */
38 /* Offset of Discretionary Access Control List (DACL) in security
39 * descriptor, or 0 if no DACL is present */
41 } _packed_attribute wimlib_SECURITY_DESCRIPTOR_RELATIVE;
43 #define wimlib_SE_OWNER_DEFAULTED 0x0001
44 #define wimlib_SE_GROUP_DEFAULTED 0x0002
45 #define wimlib_SE_DACL_PRESENT 0x0004
46 #define wimlib_SE_DACL_DEFAULTED 0x0008
47 #define wimlib_SE_SACL_PRESENT 0x0010
48 #define wimlib_SE_SACL_DEFAULTED 0x0020
49 #define wimlib_SE_DACL_AUTO_INHERIT_REQ 0x0100
50 #define wimlib_SE_SACL_AUTO_INHERIT_REQ 0x0200
51 #define wimlib_SE_DACL_AUTO_INHERITED 0x0400
52 #define wimlib_SE_SACL_AUTO_INHERITED 0x0800
53 #define wimlib_SE_DACL_PROTECTED 0x1000
54 #define wimlib_SE_SACL_PROTECTED 0x2000
55 #define wimlib_SE_RM_CONTROL_VALID 0x4000
56 #define wimlib_SE_SELF_RELATIVE 0x8000
58 /* Windows NT security identifier (user or group) */
62 u8 sub_authority_count;
64 /* Identifies the authority that issued the SID */
65 u8 identifier_authority[6];
68 } _packed_attribute wimlib_SID;
70 /* Header of a Windows NT access control list */
72 /* ACL_REVISION or ACL_REVISION_DS */
78 /* Total size of the ACL, including all access control entries */
81 /* Number of access control entry structures that follow the ACL
87 } _packed_attribute wimlib_ACL;
89 #define wimlib_ACCESS_ALLOWED_ACE_TYPE 0
90 #define wimlib_ACCESS_DENIED_ACE_TYPE 1
91 #define wimlib_SYSTEM_AUDIT_ACE_TYPE 2
93 /* Header of a Windows NT access control entry */
98 /* Bitwise OR of inherit ACE flags */
101 /* Size of the access control entry, including this header */
103 } _packed_attribute wimlib_ACE_HEADER;
105 /* Windows NT access control entry to grant rights to a user or group */
107 wimlib_ACE_HEADER hdr;
110 } _packed_attribute wimlib_ACCESS_ALLOWED_ACE;
112 /* Windows NT access control entry to deny rights to a user or group */
114 wimlib_ACE_HEADER hdr;
117 } _packed_attribute wimlib_ACCESS_DENIED_ACE;
119 /* Windows NT access control entry to audit access to the object */
121 wimlib_ACE_HEADER hdr;
124 } _packed_attribute wimlib_SYSTEM_AUDIT_ACE;