You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

180 lines
5.7 KiB

  1. // <copyright file="NativeEnums.cs" company="Nick Lowe">
  2. // Copyright © Nick Lowe 2009
  3. // </copyright>
  4. // <author>Nick Lowe</author>
  5. // <email>nick@int-r.net</email>
  6. // <url>http://processprivileges.codeplex.com/</url>
  7. namespace ProcessPrivileges
  8. {
  9. using System;
  10. using System.Diagnostics.CodeAnalysis;
  11. /// <summary>
  12. /// <para>Privilege attributes that augment a <see cref="Privilege"/> with state information.</para>
  13. /// </summary>
  14. /// <remarks>
  15. /// <para>Use the following checks to interpret privilege attributes:</para>
  16. /// <para>
  17. /// <c>// Privilege is disabled.<br/>if (attributes == PrivilegeAttributes.Disabled) { /* ... */ }</c>
  18. /// </para>
  19. /// <para>
  20. /// <c>// Privilege is enabled.<br/>if ((attributes &amp; PrivilegeAttributes.Enabled) == PrivilegeAttributes.Enabled) { /* ... */ }</c>
  21. /// </para>
  22. /// <para>
  23. /// <c>// Privilege is removed.<br/>if ((attributes &amp; PrivilegeAttributes.Removed) == PrivilegeAttributes.Removed) { /* ... */ }</c>
  24. /// </para>
  25. /// <para>To avoid having to work with a flags based enumerated type, use <see cref="ProcessExtensions.GetPrivilegeState(PrivilegeAttributes)"/> on attributes.</para>
  26. /// </remarks>
  27. [Flags,
  28. SuppressMessage(
  29. "Microsoft.Design",
  30. "CA1008:EnumsShouldHaveZeroValue",
  31. Justification = "Native enum."),
  32. SuppressMessage(
  33. "Microsoft.Usage",
  34. "CA2217:DoNotMarkEnumsWithFlags",
  35. Justification = "Native enum.")]
  36. public enum PrivilegeAttributes
  37. {
  38. /// <summary>Privilege is disabled.</summary>
  39. Disabled = 0,
  40. /// <summary>Privilege is enabled by default.</summary>
  41. EnabledByDefault = 1,
  42. /// <summary>Privilege is enabled.</summary>
  43. Enabled = 2,
  44. /// <summary>Privilege is removed.</summary>
  45. Removed = 4,
  46. /// <summary>Privilege used to gain access to an object or service.</summary>
  47. UsedForAccess = -2147483648
  48. }
  49. /// <summary>Access rights for access tokens.</summary>
  50. [Flags,
  51. SuppressMessage(
  52. "Microsoft.Design",
  53. "CA1008:EnumsShouldHaveZeroValue",
  54. Justification = "Native enum."),
  55. SuppressMessage("Microsoft.Usage",
  56. "CA2217:DoNotMarkEnumsWithFlags",
  57. Justification = "Native enum.")]
  58. public enum TokenAccessRights
  59. {
  60. /// <summary>Right to attach a primary token to a process.</summary>
  61. AssignPrimary = 0,
  62. /// <summary>Right to duplicate an access token.</summary>
  63. Duplicate = 1,
  64. /// <summary>Right to attach an impersonation access token to a process.</summary>
  65. Impersonate = 4,
  66. /// <summary>Right to query an access token.</summary>
  67. Query = 8,
  68. /// <summary>Right to query the source of an access token.</summary>
  69. QuerySource = 16,
  70. /// <summary>Right to enable or disable the privileges in an access token.</summary>
  71. AdjustPrivileges = 32,
  72. /// <summary>Right to adjust the attributes of the groups in an access token.</summary>
  73. AdjustGroups = 64,
  74. /// <summary>Right to change the default owner, primary group, or DACL of an access token.</summary>
  75. AdjustDefault = 128,
  76. /// <summary>Right to adjust the session ID of an access token.</summary>
  77. AdjustSessionId = 256,
  78. /// <summary>Combines all possible access rights for a token.</summary>
  79. AllAccess = AccessTypeMasks.StandardRightsRequired |
  80. AssignPrimary |
  81. Duplicate |
  82. Impersonate |
  83. Query |
  84. QuerySource |
  85. AdjustPrivileges |
  86. AdjustGroups |
  87. AdjustDefault |
  88. AdjustSessionId,
  89. /// <summary>Combines the standard rights required to read with <see cref="Query"/>.</summary>
  90. Read = AccessTypeMasks.StandardRightsRead |
  91. Query,
  92. /// <summary>Combines the standard rights required to write with <see cref="AdjustDefault"/>, <see cref="AdjustGroups"/> and <see cref="AdjustPrivileges"/>.</summary>
  93. Write = AccessTypeMasks.StandardRightsWrite |
  94. AdjustPrivileges |
  95. AdjustGroups |
  96. AdjustDefault,
  97. /// <summary>Combines the standard rights required to execute with <see cref="Impersonate"/>.</summary>
  98. Execute = AccessTypeMasks.StandardRightsExecute |
  99. Impersonate
  100. }
  101. [Flags]
  102. internal enum AccessTypeMasks
  103. {
  104. Delete = 65536,
  105. ReadControl = 131072,
  106. WriteDAC = 262144,
  107. WriteOwner = 524288,
  108. Synchronize = 1048576,
  109. StandardRightsRequired = 983040,
  110. StandardRightsRead = ReadControl,
  111. StandardRightsWrite = ReadControl,
  112. StandardRightsExecute = ReadControl,
  113. StandardRightsAll = 2031616,
  114. SpecificRightsAll = 65535
  115. }
  116. internal enum TokenInformationClass
  117. {
  118. None,
  119. TokenUser,
  120. TokenGroups,
  121. TokenPrivileges,
  122. TokenOwner,
  123. TokenPrimaryGroup,
  124. TokenDefaultDacl,
  125. TokenSource,
  126. TokenType,
  127. TokenImpersonationLevel,
  128. TokenStatistics,
  129. TokenRestrictedSids,
  130. TokenSessionId,
  131. TokenGroupsAndPrivileges,
  132. TokenSessionReference,
  133. TokenSandBoxInert,
  134. TokenAuditPolicy,
  135. TokenOrigin,
  136. TokenElevationType,
  137. TokenLinkedToken,
  138. TokenElevation,
  139. TokenHasRestrictions,
  140. TokenAccessInformation,
  141. TokenVirtualizationAllowed,
  142. TokenVirtualizationEnabled,
  143. TokenIntegrityLevel,
  144. TokenUIAccess,
  145. TokenMandatoryPolicy,
  146. TokenLogonSid,
  147. MaxTokenInfoClass
  148. }
  149. }