1 /* 2 * PROJECT: ReactOS Win32k subsystem 3 * LICENSE: GPL-2.0-or-later (https://spdx.org/licenses/GPL-2.0-or-later) 4 * PURPOSE: Security infrastructure of NTUSER component of Win32k 5 * COPYRIGHT: Copyright 2022 George Bișoc <george.bisoc@reactos.org> 6 */ 7 8 #pragma once 9 10 // 11 // USER objects security rights 12 // 13 14 /* Desktop access rights */ 15 #define DESKTOP_READ (STANDARD_RIGHTS_READ | \ 16 DESKTOP_ENUMERATE | \ 17 DESKTOP_READOBJECTS) 18 19 #define DESKTOP_WRITE (STANDARD_RIGHTS_WRITE | \ 20 DESKTOP_CREATEMENU | \ 21 DESKTOP_CREATEWINDOW | \ 22 DESKTOP_HOOKCONTROL | \ 23 DESKTOP_JOURNALPLAYBACK | \ 24 DESKTOP_JOURNALRECORD | \ 25 DESKTOP_WRITEOBJECTS) 26 27 #define DESKTOP_EXECUTE (STANDARD_RIGHTS_EXECUTE | \ 28 DESKTOP_SWITCHDESKTOP) 29 30 #define DESKTOP_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | \ 31 DESKTOP_CREATEMENU | \ 32 DESKTOP_CREATEWINDOW | \ 33 DESKTOP_ENUMERATE | \ 34 DESKTOP_HOOKCONTROL | \ 35 DESKTOP_JOURNALPLAYBACK | \ 36 DESKTOP_JOURNALRECORD | \ 37 DESKTOP_READOBJECTS | \ 38 DESKTOP_SWITCHDESKTOP | \ 39 DESKTOP_WRITEOBJECTS) 40 41 /* Window Station access rights */ 42 #define WINSTA_READ (STANDARD_RIGHTS_READ | \ 43 WINSTA_ENUMDESKTOPS | \ 44 WINSTA_ENUMERATE | \ 45 WINSTA_READATTRIBUTES | \ 46 WINSTA_READSCREEN) 47 48 #define WINSTA_WRITE (STANDARD_RIGHTS_WRITE | \ 49 WINSTA_ACCESSCLIPBOARD | \ 50 WINSTA_CREATEDESKTOP | \ 51 WINSTA_WRITEATTRIBUTES) 52 53 #define WINSTA_EXECUTE (STANDARD_RIGHTS_EXECUTE | \ 54 WINSTA_ACCESSGLOBALATOMS | \ 55 WINSTA_EXITWINDOWS) 56 57 #define WINSTA_ACCESS_ALL (STANDARD_RIGHTS_REQUIRED | \ 58 WINSTA_ACCESSCLIPBOARD | \ 59 WINSTA_ACCESSGLOBALATOMS | \ 60 WINSTA_CREATEDESKTOP | \ 61 WINSTA_ENUMDESKTOPS | \ 62 WINSTA_ENUMERATE | \ 63 WINSTA_EXITWINDOWS | \ 64 WINSTA_READATTRIBUTES | \ 65 WINSTA_READSCREEN | \ 66 WINSTA_WRITEATTRIBUTES) 67 68 // 69 // Function prototypes 70 // 71 72 HANDLE 73 IntCaptureCurrentAccessToken(VOID); 74 75 PVOID 76 IntAllocateSecurityBuffer( 77 _In_ SIZE_T Length); 78 79 VOID 80 IntFreeSecurityBuffer( 81 _In_ PVOID Buffer); 82 83 NTSTATUS 84 IntQueryUserSecurityIdentification( 85 _Out_ PTOKEN_USER *User); 86 87 NTSTATUS 88 NTAPI 89 IntCreateServiceSecurity( 90 _Out_ PSECURITY_DESCRIPTOR *ServiceSd); 91 92 /* EOF */ 93