access_table() challenge - win a Samba t-shirt!
Osama Abu-Aish
osabmt00 at fht-esslingen.de
Mon Jan 17 12:35:33 GMT 2000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Am 17 Jan 00, um 14:34 Uhr schrieb Luke Kenneth Casson Leighton zum Thema Re: access_table() challenge - win :
Dazu meine Meinung:
> > from winbase.h
> ok... where's the "execute" permission bit??? hmm..
> ok, i don't think these are actually ACL permission bits.
While searching through MS-headers I found something else:
- --------------------------------------------------------------------------------------------------------------------
//
// Special Values and Constants - Access
//
//
// Maximum number of permission entries for each resource.
//
#define MAXPERMENTRIES 64
//
// Bit values for the access permissions. ACCESS_ALL is a handy
// way to specify maximum permissions. These are used in
// acl_access field of access_list structures.
//
#define ACCESS_NONE 0
#define ACCESS_ALL ( ACCESS_READ | \
ACCESS_WRITE | \
ACCESS_CREATE | \
ACCESS_EXEC | \
ACCESS_DELETE | \
ACCESS_ATRIB | \
ACCESS_PERM \
)
#define ACCESS_READ 0x01
#define ACCESS_WRITE 0x02
#define ACCESS_CREATE 0x04
#define ACCESS_EXEC 0x08
#define ACCESS_DELETE 0x10
#define ACCESS_ATRIB 0x20
#define ACCESS_PERM 0x40
#define ACCESS_GROUP 0x8000
//
// Bit values for the acc1_attr field of the ACCESS_INFO_1 structure.
//
#define ACCESS_AUDIT 0x1
#define ACCESS_SUCCESS_OPEN 0x10
#define ACCESS_SUCCESS_WRITE 0x20
#define ACCESS_SUCCESS_DELETE 0x40
#define ACCESS_SUCCESS_ACL 0x80
#define ACCESS_SUCCESS_MASK 0xF0
#define ACCESS_FAIL_OPEN 0x100
#define ACCESS_FAIL_WRITE 0x200
#define ACCESS_FAIL_DELETE 0x400
#define ACCESS_FAIL_ACL 0x800
#define ACCESS_FAIL_MASK 0xF00
#define ACCESS_FAIL_SHIFT 4
- --------------------------------------------------------------------------------------------------------------------
from lmaccess.h, also found in srvapi.h
And this from winnt.h:
- --------------------------------------------------------------------------------------------------------------------
////////////////////////////////////////////////////////////////////////
// //
// ACCESS MASK //
// //
////////////////////////////////////////////////////////////////////////
//
// Define the access mask as a longword sized structure divided up as
// follows:
//
// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
// +---------------+---------------+-------------------------------+
// |G|G|G|G|Res'd|A| StandardRights| SpecificRights |
// |R|W|E|A| |S| | |
// +-+-------------+---------------+-------------------------------+
//
// typedef struct _ACCESS_MASK {
// WORD SpecificRights;
// BYTE StandardRights;
// BYTE AccessSystemAcl : 1;
// BYTE Reserved : 3;
// BYTE GenericAll : 1;
// BYTE GenericExecute : 1;
// BYTE GenericWrite : 1;
// BYTE GenericRead : 1;
// } ACCESS_MASK;
// typedef ACCESS_MASK *PACCESS_MASK;
//
// but to make life simple for programmer's we'll allow them to specify
// a desired access mask by simply OR'ing together mulitple single rights
// and treat an access mask as a DWORD. For example
//
// DesiredAccess = DELETE | READ_CONTROL
//
// So we'll declare ACCESS_MASK as DWORD
//
// begin_ntddk begin_nthal begin_ntifs
typedef DWORD ACCESS_MASK;
typedef ACCESS_MASK *PACCESS_MASK;
////////////////////////////////////////////////////////////////////////
// //
// ACCESS TYPES //
// //
////////////////////////////////////////////////////////////////////////
// begin_ntddk begin_nthal begin_ntifs
//
// The following are masks for the predefined standard access types
//
#define DELETE (0x00010000L)
#define READ_CONTROL (0x00020000L)
#define WRITE_DAC (0x00040000L)
#define WRITE_OWNER (0x00080000L)
#define SYNCHRONIZE (0x00100000L)
#define STANDARD_RIGHTS_REQUIRED (0x000F0000L)
#define STANDARD_RIGHTS_READ (READ_CONTROL)
#define STANDARD_RIGHTS_WRITE (READ_CONTROL)
#define STANDARD_RIGHTS_EXECUTE (READ_CONTROL)
#define STANDARD_RIGHTS_ALL (0x001F0000L)
#define SPECIFIC_RIGHTS_ALL (0x0000FFFFL)
//
// AccessSystemAcl access type
//
#define ACCESS_SYSTEM_SECURITY (0x01000000L)
//
// MaximumAllowed access type
//
#define MAXIMUM_ALLOWED (0x02000000L)
//
// These are the generic rights.
//
#define GENERIC_READ (0x80000000L)
#define GENERIC_WRITE (0x40000000L)
#define GENERIC_EXECUTE (0x20000000L)
#define GENERIC_ALL (0x10000000L)
//
// Define the generic mapping array. This is used to denote the
// mapping of each generic access right to a specific access mask.
//
typedef struct _GENERIC_MAPPING {
ACCESS_MASK GenericRead;
ACCESS_MASK GenericWrite;
ACCESS_MASK GenericExecute;
ACCESS_MASK GenericAll;
} GENERIC_MAPPING;
typedef GENERIC_MAPPING *PGENERIC_MAPPING;
- --------------------------------------------------------------------------------------------------------------------
Hope this helps.
Greetings, Osama
-----BEGIN PGP SIGNATURE-----
Version: PGP 5.5.5 -- QDPGP 2.12
Comment: Encrypted with PGP 5.5.3i - key available upon request.
iQA/AwUBOIL+hQmMXnP+meK2EQJFoACfTDvrRr9k+T0eBP5Fw8wI3jzLA3AAoMWk
A+B6RR8KOMMqTDQoklIVWZUY
=qpo2
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list