很久以前写的一个 ShareRestrictedSD 类

代码中一开始的 几个 USES 单元,可能是多余的。


unit ShareRestrictedSD;


interface


uses

  Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms,

  Shlobj, ActiveX, Dialogs,Shellapi;


///////////////////

//如果这家伙起作用,那么它的作者是jiangsheng(C++);

//如果这家伙一点用没有,那我不知道它的作者

//以上为 jiangsheng 的声明.

//使用方法.

//var

//  SharedSD:TShareRestrictedSD; //创建一个工具类.

//  try

//    SharedSD:=TShareRestrictedSD.Create;

//    FMappingHandle :=

//       CreateFileMapping(

//         $FFFFFFFF, {to virtual memory}

//         SharedSD.GetSA, //获得一个超级用户安全对象.

//         page_readwrite,

//         0,

//         FSize,

//         pchar(FNameToCreate));

//  finally

//    if Assigned(SharedSD) then

//    begin

//      FreeAndNil(SharedSD); //一定要记得释放

//    end;

//  end;

//修改:Flying Wang 和 爱吃猪头肉

///////////////////


const

  SECURITY_NULL_SID_AUTHORITY    = $0;

  SECURITY_WORLD_SID_AUTHORITY   = $1;

  SECURITY_LOCAL_SID_AUTHORITY   = $2;

  SECURITY_CREATOR_SID_AUTHORITY = $3;

  SECURITY_NT_AUTHORITY          = $5;


ACL_REVISION                   = $2;


SECURITY_NULL_RID              = $0;

  SECURITY_LOCAL_RID             = $0;

  SECURITY_WORLD_RID             = $0;

  SECURITY_CREATOR_OWNER_RID     = $0;

  SECURITY_DIALUP_RID            = $1;

  SECURITY_CREATOR_GROUP_RID     = $1;

  SECURITY_NETWORK_RID           = $2;

  SECURITY_BATCH_RID             = $3;

  SECURITY_INTERACTIVE_RID       = $4;

  SECURITY_LOGON_IDS_RID         = $5;

  SECURITY_SERVICE_RID           = $6;

  SECURITY_LOCAL_SYSTEM_RID      =$12;

  SECURITY_BUILTIN_DOMAIN_RID    =$20;


HEAP_NO_SERIALIZE              = $1;

  HEAP_GROWABLE                  = $2;

  HEAP_GENERATE_EXCEPTIONS       = $4;

  HEAP_ZERO_MEMORY               = $8;

  HEAP_REALLOC_IN_PLACE_ONLY     =$10;

  HEAP_TAG_SHIFT                 =$12;

  HEAP_TAIL_CHECKING_ENABLED     =$20;

  HEAP_FREE_CHECKING_ENABLED     =$40;

  HEAP_DISABLE_COALESCE_ON_FREE  =$80;

  HEAP_MAXIMUM_TAG               =$0FFF;

  HEAP_PSEUDO_TAG_FLAG           =$8000;

  HEAP_CREATE_ALIGN_16           =$00010000;

  HEAP_CREATE_ENABLE_TRACING     =$00020000;


type


PACE_HEADER = ^TACE_HEADER;

  _ACE_HEADER = record

    AceType:Byte;

    AceFlags:Byte;

    AceSize:Word;

  end;

  TACE_HEADER = _ACE_HEADER;

  ACE_HEADER = _ACE_HEADER;


//  ACCESS_MASK = DWORD;


PACCESS_ALLOWED_ACE = ^TACCESS_ALLOWED_ACE;

  _ACCESS_ALLOWED_ACE = record

    Header:TACE_HEADER;

    Mask:ACCESS_MASK;

    SidStart:DWORD;

  end;

  TACCESS_ALLOWED_ACE = _ACCESS_ALLOWED_ACE;

  ACCESS_ALLOWED_ACE = _ACCESS_ALLOWED_ACE;


TShareRestrictedSD =class(TObject)

  private

    { Private-Deklarationen }

    ptr:Pointer;

    sa:TSecurityAttributes;

    sd:TSecurityDescriptor;

  protected

    { Protected-Deklarationen }

  public

    { Public-Deklarationen }

    Constructor Create;

    Destructor Destroy; override;

    function GetSA:PSecurityAttributes;

  published

    { Published-Deklarationen }

  end;


implementation


Const

  DefSubAuthorityCount = 1;


Function BuildRestrictedSD(pSD:PSecurityDescriptor):Pointer;

var

  dwAclLength:DWORD;

  psideveryone:PSID;

  pDACL:PACL;

  bResult:Boolean;

  pACE:PACCESS_ALLOWED_ACE;

  siaWorld:TSIDIdentifierAuthority;

  si:SECURITY_INFORMATION;

begin

  Result:=nil;

  psideveryone:=nil;

  pDACL:=nil;

  bResult:=False;

  pACE:=nil;

  FillMemory(@siaWorld,Sizeof(siaWorld),SECURITY_NULL_SID_AUTHORITY);

  siaWorld.Value[5]:=SECURITY_WORLD_SID_AUTHORITY;

  si:=DACL_SECURITY_INFORMATION;

  try

    // initialize the security descriptor

    if (not InitializeSecurityDescriptor(pSD,

      SECURITY_DESCRIPTOR_REVISION)) then

    begin

      //InitializeSecurityDescriptor() failed;

      exit;

    end;

    // obtain a sid for the Authenticated Users Group

    if (not AllocateAndInitializeSid(siaWorld,

            DefSubAuthorityCount,

            SECURITY_WORLD_RID,

            SECURITY_NULL_RID,

            SECURITY_NULL_RID,

            SECURITY_NULL_RID,

            SECURITY_NULL_RID,

            SECURITY_NULL_RID,

            SECURITY_NULL_RID,

            SECURITY_NULL_RID,

            psidEveryone)) then

    begin

      //AllocateAndInitializeSid() failed;

      exit;

    end;

    // NOTE:

    //

    // The Authenticated Users group includes all user accounts that

    // have been successfully authenticated by the system. If access

    // must be restricted to a specific user or group other than

    // Authenticated Users, the SID can be constructed using the

    // LookupAccountSid() API based on a user or group name.


// calculate the DACL length

    dwAclLength:= sizeof(ACL)

            // add space for Authenticated Users group ACE

            + sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD)

            + GetLengthSid(psidEveryone);

    // allocate memory for the DACL

    pDACL:=PACL(HeapAlloc(GetProcessHeap, HEAP_ZERO_MEMORY,

            dwAclLength));

    if (pDACL=nil) then

    begin

      //HeapAlloc() failed;

      exit;

    end;

    // initialize the DACL

    if (not InitializeAcl(pDACL^, dwAclLength, ACL_REVISION)) then

    begin

      //InitializeAcl() failed

      exit;

    end;

    // add the Authenticated Users group ACE to the DACL with

    // GENERIC_READ, GENERIC_WRITE, and GENERIC_EXECUTE access

    if (not AddAccessAllowedAce(pDACL^, ACL_REVISION,

            GENERIC_ALL,

            psidEveryone)) then

    begin

      //AddAccessAllowedAce() failed;

      exit;

    end;

    // set the DACL in the security descriptor

    if (not SetSecurityDescriptorDacl(pSD, TRUE, pDACL, FALSE)) then

    begin

      //SetSecurityDescriptorDacl() failed;

      exit;

    end;

    bResult:=True;

  finally

    if (psidEveryone<>nil) then

    begin

      FreeSid(psidEveryone);

    end;

    if (not bResult) then

    begin

      if (pDACL<>nil) then

      begin

        HeapFree(GetProcessHeap, 0, pDACL);

      end;

      pDACL:=nil;

    end;

  end;

  Result:=pDACL;

end;


//The following function frees memory allocated in the

// BuildRestrictedSD() function

procedure FreeRestrictedSD(ptr:Pointer);

begin

  if (ptr<>nil) then

  begin

    HeapFree(GetProcessHeap, 0, ptr);

  end;

end;


Constructor TShareRestrictedSD.Create;

begin

  ptr:=nil;

  sa.nLength:=Sizeof(sa);

  sa.lpSecurityDescriptor:= @Sd;

  sa.bInheritHandle:=False;

  // build a restricted security descriptor

  if Win32Platform = VER_PLATFORM_WIN32_NT then

  begin

    ptr:=BuildRestrictedSD(@sd);

    if (ptr=nil) then

    begin

      Raise Exception.Create(‘BuildRestrictedSD failed‘);

    end;

  end;

end;


Destructor TShareRestrictedSD.Destroy;

begin

  if (ptr<>nil) then

  begin

    FreeRestrictedSD(ptr);

  end;

end;


function TShareRestrictedSD.GetSA:PSecurityAttributes;

begin

  if (ptr<>nil) then

  begin

    Result:=@Sa;

  end

  else

  begin

    Result:=nil;

  end;

end;


end.

很久以前写的一个 ShareRestrictedSD 类

时间: 2024-08-11 07:35:28

很久以前写的一个 ShareRestrictedSD 类的相关文章

Coding之路——重新学习C++(7):用继承写出一个好类

1.继承类时需要注意的地方 (1)当一个类作为基类的时候,这个类就必须有定义. (2)在派生类中,基类的默认构造函数可以被隐式调用,但是如果基类的构造函数都有参数,派生类需要直接调用一个.派生类的构造函数只能描述派生类自己的成员变量和自己的基类的直接初始式,它不能直接初始化基类的成员. Manager::Manager(const string &n, int d, int lvl) :family_name(n), //错误:在Manager里没有family_name声明 departmen

对象序列化和反序列化应该写为一个工具类

对象序列化和反序列化工具类 package com.umu.util; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.ObjectInput; import java.io.ObjectInputStream; import java.io.Object

自己写了一个分页类

第一次发文章,格式不太规范,不过以后会逐渐改正的,请大家多多指正 ? public class Pager     {         private string _pageurl;         private int _pagecount;         private int _currentpage;         public Pager(string pageurl, int pagecount, int currentpage)         {             

分享最近抽空写的一个代码生成器,集成EasyDBUtility数据库访问帮助类

一直想写一个自己的代码生成器,但是因为工作事情多,一直搁置下来,最近下决心终于利用下班时间写完了,现在分享给有需要的朋友,代码生成器集成EasyDBUtility数据库访问帮助类,暂时只支持sqlserver数据库,界面如下 部分代码如下 using System; using System.Collections.Generic; using System.Data; using System.Data.SqlClient; using System.Linq; using System.Te

Java基础-继承-编写一个Java应用程序,设计一个汽车类Vehicle,包含的属性有车轮个数 wheels和车重weight。小车类Car是Vehicle的子类,其中包含的属性有载人数 loader。卡车类Truck是Car类的子类,其中包含的属性有载重量payload。每个 类都有构造方法和输出相关数据的方法。最后,写一个测试类来测试这些类的功 能。

#29.编写一个Java应用程序,设计一个汽车类Vehicle,包含的属性有车轮个数 wheels和车重weight.小车类Car是Vehicle的子类,其中包含的属性有载人数 loader.卡车类Truck是Car类的子类,其中包含的属性有载重量payload.每个 类都有构造方法和输出相关数据的方法.最后,写一个测试类来测试这些类的功 能. package hanqi; public class Vehicle { private int wheels; private int weight

我写的一个ExcelHelper通用类,可用于读取或生成数据

读取或生成EXCEL数据的方法有很多,一般常见的有: 1.通过OFFICE EXCEL组件,优点:读取与生成EXCEL文件方便,缺点:服务器上必须安装OFFICE软件,且进程无法及时释放 2.通过第三方组件(比如:NPOI),优点:无需安装OFFICE软件,缺点:需要引入第三方组件,当然这个还是比较强的 3.通过把EXCEL当成数据库,连接后运用SQL语句读取,写入的话就自行拼接成HTML表格,优点:无需另外的组件,缺点:需要会SQL及拼接HTML表格较麻烦: 三种方法我都有用过,若开发BS网站

自己写了一个类(serialize 和 unserialize)

? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 <?php //声明一个类 class dog {     var $name;     var $age;     var $owner;     function dog($in_name="unname

写一个NSString类的实现

意思是:建立对象需要两个步骤1分配内存 2初始化 1分配内存,要sent alloc orallocWithZone: message to the object’s class. 也就是常见的[Class alloc].或是不常见的[Class allocWithZone] 2初始化.要调用init的方法进行初始化,各种各样的要或不要参数的init方法都算. 以上建立对象的方式,返回值要送进 对象自动管理池 IOS面试题示例:写一个NSString类的实现 + (id)initWithCStr

写了一个DELPHI操作USB摄像头类分享给大家

最近在使用Usb摄像头做了个项目,其中写了一个操作usb摄像头类分享给大家 {*******************************************************} { } { 操作USB摄像头类 } { } { 作者:lqen } { 日期:2015.05.18 } { } {*******************************************************} unit untUsbCamera; interface uses Window