path: root/security/sandbox/chromium/sandbox/win/src/sid.h
blob: 745f4710546db529f1cd311192b4c46085c4dcf3 (plain)
// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_SRC_SID_H_
#define SANDBOX_SRC_SID_H_

#include <windows.h>

#include <string>

namespace sandbox {

// Known capabilities defined in Windows 8.
//
// Identifies one of the well-known AppContainer capabilities; a value is
// passed to Sid::FromKnownCapability() to obtain the matching capability SID.
//
// The enumerators take the implicit values 0..11 in declaration order, so
// kMaxWellKnownCapability (12) is the count of real capabilities and not a
// capability itself.
// NOTE(review): the implementation presumably maps these values by position,
// so new entries belong just before kMaxWellKnownCapability - confirm against
// the implementation file before reordering or inserting.
//
// Each capability granted to a sandboxed process widens what that process may
// reach (network, user libraries, enterprise credentials, removable storage),
// so grant only the ones the process actually needs.
enum WellKnownCapabilities {
  kInternetClient,
  kInternetClientServer,
  kPrivateNetworkClientServer,
  kPicturesLibrary,
  kVideosLibrary,
  kMusicLibrary,
  kDocumentsLibrary,
  kEnterpriseAuthentication,
  kSharedUserCertificates,
  kRemovableStorage,
  kAppointments,
  kContacts,
  kMaxWellKnownCapability  // Sentinel: number of entries above, keep last.
};

// This class is used to hold and generate SIDs.
//
// The SID bytes live in a fixed inline buffer of SECURITY_MAX_SID_SIZE bytes
// (see sid_), so a Sid owns its data and needs no separate cleanup. No copy
// or move members are declared, so the compiler-generated ones copy the
// buffer and every static factory below returns a Sid by value.
//
// NOTE(review): this header does not show how a failed construction or a
// failed factory call is reported. Presumably the object is left in a state
// where IsValid() returns false - confirm in the implementation, and check
// IsValid() before using the result in a security descriptor or token.
class Sid {
 public:
  // As PSID is just a void* make it explicit.
  // Without `explicit`, any pointer would silently convert to a Sid.
  // NOTE(review): `sid` is presumably expected to point to a well-formed SID
  // that is copied into this object - confirm in the implementation.
  explicit Sid(PSID sid);
  // Constructors initializing the object with the SID passed.
  // This is a converting constructor. It is not explicit.
  Sid(const SID* sid);
  // Builds the Sid for a Windows well-known SID type. Also a converting
  // constructor: a WELL_KNOWN_SID_TYPE value converts implicitly to a Sid.
  Sid(WELL_KNOWN_SID_TYPE type);

  // Create a Sid from an AppContainer capability name. The name can be
  // completely arbitrary.
  static Sid FromNamedCapability(const wchar_t* capability_name);
  // Create a Sid from a known capability enumeration value. The Sids
  // match with the list defined in Windows 8.
  // NOTE(review): behaviour for kMaxWellKnownCapability or an out-of-range
  // value is not visible in this header - confirm before passing a value that
  // did not come from the enumeration.
  static Sid FromKnownCapability(WellKnownCapabilities capability);
  // Create a Sid from a SDDL format string, such as S-1-1-0.
  // NOTE(review): how a malformed string is reported is not visible here;
  // check IsValid() on the result, especially when the string is not a
  // compile-time constant.
  static Sid FromSddlString(const wchar_t* sddl_sid);
  // Create a Sid from a set of sub authorities.
  // `identifier_authority` is the top-level authority of the SID.
  // `sub_authority_count` is the number of entries to read from
  // `sub_authorities`.
  // NOTE(review): `sub_authorities` presumably must point to at least
  // `sub_authority_count` DWORDs, and Windows limits a SID to
  // SID_MAX_SUB_AUTHORITIES sub authorities - confirm the implementation
  // rejects a larger count rather than reading or writing past a buffer.
  static Sid FromSubAuthorities(PSID_IDENTIFIER_AUTHORITY identifier_authority,
                                BYTE sub_authority_count,
                                PDWORD sub_authorities);
  // Create the restricted all application packages sid.
  static Sid AllRestrictedApplicationPackages();
  // Generate a random SID value.
  // NOTE(review): the source of randomness is not visible in this header. If
  // callers rely on the value being unique or unguessable, confirm that the
  // implementation draws it from a cryptographically strong generator.
  static Sid GenerateRandomSid();

  // Returns sid_.
  // The pointer refers to this object's own buffer, so it is only usable
  // while this Sid is alive; do not keep it after a temporary Sid (for
  // example the result of a factory call) has been destroyed. The method is
  // const but PSID is a non-const void*, so the type system does not stop a
  // caller from writing through the returned pointer.
  PSID GetPSID() const;

  // Gets whether the sid is valid.
  bool IsValid() const;

  // Converts the SID to a SDDL format string.
  // The text is written to `*sddl_string`.
  // NOTE(review): the bool presumably signals success, and the contents of
  // `*sddl_string` on failure are not specified here - confirm, and do not
  // ignore the return value.
  bool ToSddlString(std::wstring* sddl_string) const;

 private:
  // Private default constructor: outside code can only obtain a Sid through
  // the public constructors or the static factories.
  Sid();
  // Inline storage for the SID, sized to the largest SID Windows defines.
  BYTE sid_[SECURITY_MAX_SID_SIZE];
};

}  // namespace sandbox

#endif  // SANDBOX_SRC_SID_H_