maxmustermann/dotnet-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
dotnet-core/release-notes/1.0/1.0.0-api/1.0.0-api_System.Security.AccessControl.md
Lee Coward a31254a958 clean up queue
2017-07-05 14:24:38 -07:00

721 lines
44 KiB
Markdown
Raw Blame History

# System.Security.AccessControl
``` diff
+namespace System.Security.AccessControl {
+ public enum AccessControlActions {
+ Change = 2,
+ None = 0,
+ View = 1,
+ }
+ public enum AccessControlModification {
+ Add = 0,
+ Remove = 3,
+ RemoveAll = 4,
+ RemoveSpecific = 5,
+ Reset = 2,
+ Set = 1,
+ }
+ public enum AccessControlSections {
+ Access = 2,
+ All = 15,
+ Audit = 1,
+ Group = 8,
+ None = 0,
+ Owner = 4,
+ }
+ public enum AccessControlType {
+ Allow = 0,
+ Deny = 1,
+ }
+ public abstract class AccessRule : AuthorizationRule {
+ protected AccessRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public AccessControlType AccessControlType { get; }
+ }
+ public class AccessRule<T> : AccessRule where T : struct, ValueType {
+ public AccessRule(IdentityReference identity, T rights, AccessControlType type);
+ public AccessRule(IdentityReference identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public AccessRule(string identity, T rights, AccessControlType type);
+ public AccessRule(string identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public T Rights { get; }
+ }
+ public sealed class AceEnumerator : IEnumerator {
+ public GenericAce Current { get; }
+ object System.Collections.IEnumerator.Current { get; }
+ public bool MoveNext();
+ public void Reset();
+ }
+ public enum AceFlags : byte {
+ AuditFlags = (byte)192,
+ ContainerInherit = (byte)2,
+ FailedAccess = (byte)128,
+ InheritanceFlags = (byte)15,
+ Inherited = (byte)16,
+ InheritOnly = (byte)8,
+ None = (byte)0,
+ NoPropagateInherit = (byte)4,
+ ObjectInherit = (byte)1,
+ SuccessfulAccess = (byte)64,
+ }
+ public enum AceQualifier {
+ AccessAllowed = 0,
+ AccessDenied = 1,
+ SystemAlarm = 3,
+ SystemAudit = 2,
+ }
+ public enum AceType : byte {
+ AccessAllowed = (byte)0,
+ AccessAllowedCallback = (byte)9,
+ AccessAllowedCallbackObject = (byte)11,
+ AccessAllowedCompound = (byte)4,
+ AccessAllowedObject = (byte)5,
+ AccessDenied = (byte)1,
+ AccessDeniedCallback = (byte)10,
+ AccessDeniedCallbackObject = (byte)12,
+ AccessDeniedObject = (byte)6,
+ MaxDefinedAceType = (byte)16,
+ SystemAlarm = (byte)3,
+ SystemAlarmCallback = (byte)14,
+ SystemAlarmCallbackObject = (byte)16,
+ SystemAlarmObject = (byte)8,
+ SystemAudit = (byte)2,
+ SystemAuditCallback = (byte)13,
+ SystemAuditCallbackObject = (byte)15,
+ SystemAuditObject = (byte)7,
+ }
+ public enum AuditFlags {
+ Failure = 2,
+ None = 0,
+ Success = 1,
+ }
+ public abstract class AuditRule : AuthorizationRule {
+ protected AuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags auditFlags);
+ public AuditFlags AuditFlags { get; }
+ }
+ public class AuditRule<T> : AuditRule where T : struct, ValueType {
+ public AuditRule(IdentityReference identity, T rights, AuditFlags flags);
+ public AuditRule(IdentityReference identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public AuditRule(string identity, T rights, AuditFlags flags);
+ public AuditRule(string identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public T Rights { get; }
+ }
+ public abstract class AuthorizationRule {
+ protected internal AuthorizationRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ protected internal int AccessMask { get; }
+ public IdentityReference IdentityReference { get; }
+ public InheritanceFlags InheritanceFlags { get; }
+ public bool IsInherited { get; }
+ public PropagationFlags PropagationFlags { get; }
+ }
+ public sealed class AuthorizationRuleCollection : ICollection, IEnumerable {
+ public AuthorizationRuleCollection();
+ public int Count { get; }
+ bool System.Collections.ICollection.IsSynchronized { get; }
+ object System.Collections.ICollection.SyncRoot { get; }
+ public AuthorizationRule this[int index] { get; }
+ public void AddRule(AuthorizationRule rule);
+ public void CopyTo(AuthorizationRule[] rules, int index);
+ void System.Collections.ICollection.CopyTo(Array array, int index);
+ IEnumerator System.Collections.IEnumerable.GetEnumerator();
+ }
+ public sealed class CommonAce : QualifiedAce {
+ public CommonAce(AceFlags flags, AceQualifier qualifier, int accessMask, SecurityIdentifier sid, bool isCallback, byte[] opaque);
+ public override int BinaryLength { get; }
+ public override void GetBinaryForm(byte[] binaryForm, int offset);
+ public static int MaxOpaqueLength(bool isCallback);
+ }
+ public abstract class CommonAcl : GenericAcl {
+ public sealed override int BinaryLength { get; }
+ public sealed override int Count { get; }
+ public bool IsCanonical { get; }
+ public bool IsContainer { get; }
+ public bool IsDS { get; }
+ public sealed override byte Revision { get; }
+ public sealed override GenericAce this[int index] { get; set; }
+ public sealed override void GetBinaryForm(byte[] binaryForm, int offset);
+ public void Purge(SecurityIdentifier sid);
+ public void RemoveInheritedAces();
+ }
+ public abstract class CommonObjectSecurity : ObjectSecurity {
+ protected CommonObjectSecurity(bool isContainer);
+ protected void AddAccessRule(AccessRule rule);
+ protected void AddAuditRule(AuditRule rule);
+ public AuthorizationRuleCollection GetAccessRules(bool includeExplicit, bool includeInherited, Type targetType);
+ public AuthorizationRuleCollection GetAuditRules(bool includeExplicit, bool includeInherited, Type targetType);
+ protected override bool ModifyAccess(AccessControlModification modification, AccessRule rule, out bool modified);
+ protected override bool ModifyAudit(AccessControlModification modification, AuditRule rule, out bool modified);
+ protected bool RemoveAccessRule(AccessRule rule);
+ protected void RemoveAccessRuleAll(AccessRule rule);
+ protected void RemoveAccessRuleSpecific(AccessRule rule);
+ protected bool RemoveAuditRule(AuditRule rule);
+ protected void RemoveAuditRuleAll(AuditRule rule);
+ protected void RemoveAuditRuleSpecific(AuditRule rule);
+ protected void ResetAccessRule(AccessRule rule);
+ protected void SetAccessRule(AccessRule rule);
+ protected void SetAuditRule(AuditRule rule);
+ }
+ public sealed class CommonSecurityDescriptor : GenericSecurityDescriptor {
+ public CommonSecurityDescriptor(bool isContainer, bool isDS, byte[] binaryForm, int offset);
+ public CommonSecurityDescriptor(bool isContainer, bool isDS, ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, SystemAcl systemAcl, DiscretionaryAcl discretionaryAcl);
+ public CommonSecurityDescriptor(bool isContainer, bool isDS, RawSecurityDescriptor rawSecurityDescriptor);
+ public CommonSecurityDescriptor(bool isContainer, bool isDS, string sddlForm);
+ public override ControlFlags ControlFlags { get; }
+ public DiscretionaryAcl DiscretionaryAcl { get; set; }
+ public override SecurityIdentifier Group { get; set; }
+ public bool IsContainer { get; }
+ public bool IsDiscretionaryAclCanonical { get; }
+ public bool IsDS { get; }
+ public bool IsSystemAclCanonical { get; }
+ public override SecurityIdentifier Owner { get; set; }
+ public SystemAcl SystemAcl { get; set; }
+ public void AddDiscretionaryAcl(byte revision, int trusted);
+ public void AddSystemAcl(byte revision, int trusted);
+ public void PurgeAccessControl(SecurityIdentifier sid);
+ public void PurgeAudit(SecurityIdentifier sid);
+ public void SetDiscretionaryAclProtection(bool isProtected, bool preserveInheritance);
+ public void SetSystemAclProtection(bool isProtected, bool preserveInheritance);
+ }
+ public sealed class CompoundAce : KnownAce {
+ public CompoundAce(AceFlags flags, int accessMask, CompoundAceType compoundAceType, SecurityIdentifier sid);
+ public override int BinaryLength { get; }
+ public CompoundAceType CompoundAceType { get; set; }
+ public override void GetBinaryForm(byte[] binaryForm, int offset);
+ }
+ public enum CompoundAceType {
+ Impersonation = 1,
+ }
+ public enum ControlFlags {
+ DiscretionaryAclAutoInherited = 1024,
+ DiscretionaryAclAutoInheritRequired = 256,
+ DiscretionaryAclDefaulted = 8,
+ DiscretionaryAclPresent = 4,
+ DiscretionaryAclProtected = 4096,
+ DiscretionaryAclUntrusted = 64,
+ GroupDefaulted = 2,
+ None = 0,
+ OwnerDefaulted = 1,
+ RMControlValid = 16384,
+ SelfRelative = 32768,
+ ServerSecurity = 128,
+ SystemAclAutoInherited = 2048,
+ SystemAclAutoInheritRequired = 512,
+ SystemAclDefaulted = 32,
+ SystemAclPresent = 16,
+ SystemAclProtected = 8192,
+ }
+ public sealed class CustomAce : GenericAce {
+ public static readonly int MaxOpaqueLength;
+ public CustomAce(AceType type, AceFlags flags, byte[] opaque);
+ public override int BinaryLength { get; }
+ public int OpaqueLength { get; }
+ public override void GetBinaryForm(byte[] binaryForm, int offset);
+ public byte[] GetOpaque();
+ public void SetOpaque(byte[] opaque);
+ }
+ public abstract class DirectoryObjectSecurity : ObjectSecurity {
+ protected DirectoryObjectSecurity();
+ protected DirectoryObjectSecurity(CommonSecurityDescriptor securityDescriptor);
+ public virtual AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type, Guid objectType, Guid inheritedObjectType);
+ protected void AddAccessRule(ObjectAccessRule rule);
+ protected void AddAuditRule(ObjectAuditRule rule);
+ public virtual AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags, Guid objectType, Guid inheritedObjectType);
+ public AuthorizationRuleCollection GetAccessRules(bool includeExplicit, bool includeInherited, Type targetType);
+ public AuthorizationRuleCollection GetAuditRules(bool includeExplicit, bool includeInherited, Type targetType);
+ protected override bool ModifyAccess(AccessControlModification modification, AccessRule rule, out bool modified);
+ protected override bool ModifyAudit(AccessControlModification modification, AuditRule rule, out bool modified);
+ protected bool RemoveAccessRule(ObjectAccessRule rule);
+ protected void RemoveAccessRuleAll(ObjectAccessRule rule);
+ protected void RemoveAccessRuleSpecific(ObjectAccessRule rule);
+ protected bool RemoveAuditRule(ObjectAuditRule rule);
+ protected void RemoveAuditRuleAll(ObjectAuditRule rule);
+ protected void RemoveAuditRuleSpecific(ObjectAuditRule rule);
+ protected void ResetAccessRule(ObjectAccessRule rule);
+ protected void SetAccessRule(ObjectAccessRule rule);
+ protected void SetAuditRule(ObjectAuditRule rule);
+ }
+ public sealed class DirectorySecurity : FileSystemSecurity {
+ public DirectorySecurity();
+ public DirectorySecurity(string name, AccessControlSections includeSections);
+ }
+ public sealed class DiscretionaryAcl : CommonAcl {
+ public DiscretionaryAcl(bool isContainer, bool isDS, byte revision, int capacity);
+ public DiscretionaryAcl(bool isContainer, bool isDS, int capacity);
+ public DiscretionaryAcl(bool isContainer, bool isDS, RawAcl rawAcl);
+ public void AddAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public void AddAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public void AddAccess(AccessControlType accessType, SecurityIdentifier sid, ObjectAccessRule rule);
+ public bool RemoveAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public bool RemoveAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public bool RemoveAccess(AccessControlType accessType, SecurityIdentifier sid, ObjectAccessRule rule);
+ public void RemoveAccessSpecific(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public void RemoveAccessSpecific(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public void RemoveAccessSpecific(AccessControlType accessType, SecurityIdentifier sid, ObjectAccessRule rule);
+ public void SetAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public void SetAccess(AccessControlType accessType, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public void SetAccess(AccessControlType accessType, SecurityIdentifier sid, ObjectAccessRule rule);
+ }
+ public sealed class EventWaitHandleAccessRule : AccessRule {
+ public EventWaitHandleAccessRule(IdentityReference identity, EventWaitHandleRights eventRights, AccessControlType type);
+ public EventWaitHandleAccessRule(string identity, EventWaitHandleRights eventRights, AccessControlType type);
+ public EventWaitHandleRights EventWaitHandleRights { get; }
+ }
+ public sealed class EventWaitHandleAuditRule : AuditRule {
+ public EventWaitHandleAuditRule(IdentityReference identity, EventWaitHandleRights eventRights, AuditFlags flags);
+ public EventWaitHandleRights EventWaitHandleRights { get; }
+ }
+ public enum EventWaitHandleRights {
+ ChangePermissions = 262144,
+ Delete = 65536,
+ FullControl = 2031619,
+ Modify = 2,
+ ReadPermissions = 131072,
+ Synchronize = 1048576,
+ TakeOwnership = 524288,
+ }
+ public sealed class EventWaitHandleSecurity : NativeObjectSecurity {
+ public EventWaitHandleSecurity();
+ public override Type AccessRightType { get; }
+ public override Type AccessRuleType { get; }
+ public override Type AuditRuleType { get; }
+ public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public void AddAccessRule(EventWaitHandleAccessRule rule);
+ public void AddAuditRule(EventWaitHandleAuditRule rule);
+ public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public bool RemoveAccessRule(EventWaitHandleAccessRule rule);
+ public void RemoveAccessRuleAll(EventWaitHandleAccessRule rule);
+ public void RemoveAccessRuleSpecific(EventWaitHandleAccessRule rule);
+ public bool RemoveAuditRule(EventWaitHandleAuditRule rule);
+ public void RemoveAuditRuleAll(EventWaitHandleAuditRule rule);
+ public void RemoveAuditRuleSpecific(EventWaitHandleAuditRule rule);
+ public void ResetAccessRule(EventWaitHandleAccessRule rule);
+ public void SetAccessRule(EventWaitHandleAccessRule rule);
+ public void SetAuditRule(EventWaitHandleAuditRule rule);
+ }
+ public sealed class FileSecurity : FileSystemSecurity {
+ public FileSecurity();
+ public FileSecurity(string fileName, AccessControlSections includeSections);
+ }
+ public sealed class FileSystemAccessRule : AccessRule {
+ public FileSystemAccessRule(IdentityReference identity, FileSystemRights fileSystemRights, AccessControlType type);
+ public FileSystemAccessRule(IdentityReference identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public FileSystemAccessRule(string identity, FileSystemRights fileSystemRights, AccessControlType type);
+ public FileSystemAccessRule(string identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public FileSystemRights FileSystemRights { get; }
+ }
+ public sealed class FileSystemAuditRule : AuditRule {
+ public FileSystemAuditRule(IdentityReference identity, FileSystemRights fileSystemRights, AuditFlags flags);
+ public FileSystemAuditRule(IdentityReference identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public FileSystemAuditRule(string identity, FileSystemRights fileSystemRights, AuditFlags flags);
+ public FileSystemAuditRule(string identity, FileSystemRights fileSystemRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public FileSystemRights FileSystemRights { get; }
+ }
+ public enum FileSystemRights {
+ AppendData = 4,
+ ChangePermissions = 262144,
+ CreateDirectories = 4,
+ CreateFiles = 2,
+ Delete = 65536,
+ DeleteSubdirectoriesAndFiles = 64,
+ ExecuteFile = 32,
+ FullControl = 2032127,
+ ListDirectory = 1,
+ Modify = 197055,
+ Read = 131209,
+ ReadAndExecute = 131241,
+ ReadAttributes = 128,
+ ReadData = 1,
+ ReadExtendedAttributes = 8,
+ ReadPermissions = 131072,
+ Synchronize = 1048576,
+ TakeOwnership = 524288,
+ Traverse = 32,
+ Write = 278,
+ WriteAttributes = 256,
+ WriteData = 2,
+ WriteExtendedAttributes = 16,
+ }
+ public abstract class FileSystemSecurity : NativeObjectSecurity {
+ public override Type AccessRightType { get; }
+ public override Type AccessRuleType { get; }
+ public override Type AuditRuleType { get; }
+ public sealed override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public void AddAccessRule(FileSystemAccessRule rule);
+ public void AddAuditRule(FileSystemAuditRule rule);
+ public sealed override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public bool RemoveAccessRule(FileSystemAccessRule rule);
+ public void RemoveAccessRuleAll(FileSystemAccessRule rule);
+ public void RemoveAccessRuleSpecific(FileSystemAccessRule rule);
+ public bool RemoveAuditRule(FileSystemAuditRule rule);
+ public void RemoveAuditRuleAll(FileSystemAuditRule rule);
+ public void RemoveAuditRuleSpecific(FileSystemAuditRule rule);
+ public void ResetAccessRule(FileSystemAccessRule rule);
+ public void SetAccessRule(FileSystemAccessRule rule);
+ public void SetAuditRule(FileSystemAuditRule rule);
+ }
+ public abstract class GenericAce {
+ public AceFlags AceFlags { get; set; }
+ public AceType AceType { get; }
+ public AuditFlags AuditFlags { get; }
+ public abstract int BinaryLength { get; }
+ public InheritanceFlags InheritanceFlags { get; }
+ public bool IsInherited { get; }
+ public PropagationFlags PropagationFlags { get; }
+ public GenericAce Copy();
+ public static GenericAce CreateFromBinaryForm(byte[] binaryForm, int offset);
+ public sealed override bool Equals(object o);
+ public abstract void GetBinaryForm(byte[] binaryForm, int offset);
+ public sealed override int GetHashCode();
+ public static bool operator ==(GenericAce left, GenericAce right);
+ public static bool operator !=(GenericAce left, GenericAce right);
+ }
+ public abstract class GenericAcl : ICollection, IEnumerable {
+ public static readonly byte AclRevision;
+ public static readonly byte AclRevisionDS;
+ public static readonly int MaxBinaryLength;
+ protected GenericAcl();
+ public abstract int BinaryLength { get; }
+ public abstract int Count { get; }
+ public bool IsSynchronized { get; }
+ public abstract byte Revision { get; }
+ public virtual object SyncRoot { get; }
+ public abstract GenericAce this[int index] { get; set; }
+ public void CopyTo(GenericAce[] array, int index);
+ public abstract void GetBinaryForm(byte[] binaryForm, int offset);
+ public AceEnumerator GetEnumerator();
+ void System.Collections.ICollection.CopyTo(Array array, int index);
+ IEnumerator System.Collections.IEnumerable.GetEnumerator();
+ }
+ public abstract class GenericSecurityDescriptor {
+ protected GenericSecurityDescriptor();
+ public int BinaryLength { get; }
+ public abstract ControlFlags ControlFlags { get; }
+ public abstract SecurityIdentifier Group { get; set; }
+ public abstract SecurityIdentifier Owner { get; set; }
+ public static byte Revision { get; }
+ public void GetBinaryForm(byte[] binaryForm, int offset);
+ public string GetSddlForm(AccessControlSections includeSections);
+ public static bool IsSddlConversionSupported();
+ }
+ public enum InheritanceFlags {
+ ContainerInherit = 1,
+ None = 0,
+ ObjectInherit = 2,
+ }
+ public abstract class KnownAce : GenericAce {
+ public int AccessMask { get; set; }
+ public SecurityIdentifier SecurityIdentifier { get; set; }
+ }
+ public sealed class MutexAccessRule : AccessRule {
+ public MutexAccessRule(IdentityReference identity, MutexRights eventRights, AccessControlType type);
+ public MutexAccessRule(string identity, MutexRights eventRights, AccessControlType type);
+ public MutexRights MutexRights { get; }
+ }
+ public sealed class MutexAuditRule : AuditRule {
+ public MutexAuditRule(IdentityReference identity, MutexRights eventRights, AuditFlags flags);
+ public MutexRights MutexRights { get; }
+ }
+ public enum MutexRights {
+ ChangePermissions = 262144,
+ Delete = 65536,
+ FullControl = 2031617,
+ Modify = 1,
+ ReadPermissions = 131072,
+ Synchronize = 1048576,
+ TakeOwnership = 524288,
+ }
+ public sealed class MutexSecurity : NativeObjectSecurity {
+ public MutexSecurity();
+ public MutexSecurity(string name, AccessControlSections includeSections);
+ public override Type AccessRightType { get; }
+ public override Type AccessRuleType { get; }
+ public override Type AuditRuleType { get; }
+ public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public void AddAccessRule(MutexAccessRule rule);
+ public void AddAuditRule(MutexAuditRule rule);
+ public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public bool RemoveAccessRule(MutexAccessRule rule);
+ public void RemoveAccessRuleAll(MutexAccessRule rule);
+ public void RemoveAccessRuleSpecific(MutexAccessRule rule);
+ public bool RemoveAuditRule(MutexAuditRule rule);
+ public void RemoveAuditRuleAll(MutexAuditRule rule);
+ public void RemoveAuditRuleSpecific(MutexAuditRule rule);
+ public void ResetAccessRule(MutexAccessRule rule);
+ public void SetAccessRule(MutexAccessRule rule);
+ public void SetAuditRule(MutexAuditRule rule);
+ }
+ public abstract class NativeObjectSecurity : CommonObjectSecurity {
+ protected NativeObjectSecurity(bool isContainer, ResourceType resourceType);
+ protected NativeObjectSecurity(bool isContainer, ResourceType resourceType, NativeObjectSecurity.ExceptionFromErrorCode exceptionFromErrorCode, object exceptionContext);
+ protected NativeObjectSecurity(bool isContainer, ResourceType resourceType, SafeHandle handle, AccessControlSections includeSections);
+ protected NativeObjectSecurity(bool isContainer, ResourceType resourceType, SafeHandle handle, AccessControlSections includeSections, NativeObjectSecurity.ExceptionFromErrorCode exceptionFromErrorCode, object exceptionContext);
+ protected NativeObjectSecurity(bool isContainer, ResourceType resourceType, string name, AccessControlSections includeSections);
+ protected NativeObjectSecurity(bool isContainer, ResourceType resourceType, string name, AccessControlSections includeSections, NativeObjectSecurity.ExceptionFromErrorCode exceptionFromErrorCode, object exceptionContext);
+ protected sealed override void Persist(SafeHandle handle, AccessControlSections includeSections);
+ protected void Persist(SafeHandle handle, AccessControlSections includeSections, object exceptionContext);
+ protected sealed override void Persist(string name, AccessControlSections includeSections);
+ protected void Persist(string name, AccessControlSections includeSections, object exceptionContext);
+ protected internal delegate Exception ExceptionFromErrorCode(int errorCode, string name, SafeHandle handle, object context);
+ }
+ public abstract class ObjectAccessRule : AccessRule {
+ protected ObjectAccessRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AccessControlType type);
+ public Guid InheritedObjectType { get; }
+ public ObjectAceFlags ObjectFlags { get; }
+ public Guid ObjectType { get; }
+ }
+ public sealed class ObjectAce : QualifiedAce {
+ public ObjectAce(AceFlags aceFlags, AceQualifier qualifier, int accessMask, SecurityIdentifier sid, ObjectAceFlags flags, Guid type, Guid inheritedType, bool isCallback, byte[] opaque);
+ public override int BinaryLength { get; }
+ public Guid InheritedObjectAceType { get; set; }
+ public ObjectAceFlags ObjectAceFlags { get; set; }
+ public Guid ObjectAceType { get; set; }
+ public override void GetBinaryForm(byte[] binaryForm, int offset);
+ public static int MaxOpaqueLength(bool isCallback);
+ }
+ public enum ObjectAceFlags {
+ InheritedObjectAceTypePresent = 2,
+ None = 0,
+ ObjectAceTypePresent = 1,
+ }
+ public abstract class ObjectAuditRule : AuditRule {
+ protected ObjectAuditRule(IdentityReference identity, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, Guid objectType, Guid inheritedObjectType, AuditFlags auditFlags);
+ public Guid InheritedObjectType { get; }
+ public ObjectAceFlags ObjectFlags { get; }
+ public Guid ObjectType { get; }
+ }
+ public abstract class ObjectSecurity {
+ protected ObjectSecurity();
+ protected ObjectSecurity(bool isContainer, bool isDS);
+ protected ObjectSecurity(CommonSecurityDescriptor securityDescriptor);
+ public abstract Type AccessRightType { get; }
+ protected bool AccessRulesModified { get; set; }
+ public abstract Type AccessRuleType { get; }
+ public bool AreAccessRulesCanonical { get; }
+ public bool AreAccessRulesProtected { get; }
+ public bool AreAuditRulesCanonical { get; }
+ public bool AreAuditRulesProtected { get; }
+ protected bool AuditRulesModified { get; set; }
+ public abstract Type AuditRuleType { get; }
+ protected bool GroupModified { get; set; }
+ protected bool IsContainer { get; }
+ protected bool IsDS { get; }
+ protected bool OwnerModified { get; set; }
+ public abstract AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public abstract AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public IdentityReference GetGroup(Type targetType);
+ public IdentityReference GetOwner(Type targetType);
+ public byte[] GetSecurityDescriptorBinaryForm();
+ public string GetSecurityDescriptorSddlForm(AccessControlSections includeSections);
+ public static bool IsSddlConversionSupported();
+ protected abstract bool ModifyAccess(AccessControlModification modification, AccessRule rule, out bool modified);
+ public virtual bool ModifyAccessRule(AccessControlModification modification, AccessRule rule, out bool modified);
+ protected abstract bool ModifyAudit(AccessControlModification modification, AuditRule rule, out bool modified);
+ public virtual bool ModifyAuditRule(AccessControlModification modification, AuditRule rule, out bool modified);
+ protected virtual void Persist(bool enableOwnershipPrivilege, string name, AccessControlSections includeSections);
+ protected virtual void Persist(SafeHandle handle, AccessControlSections includeSections);
+ protected virtual void Persist(string name, AccessControlSections includeSections);
+ public virtual void PurgeAccessRules(IdentityReference identity);
+ public virtual void PurgeAuditRules(IdentityReference identity);
+ protected void ReadLock();
+ protected void ReadUnlock();
+ public void SetAccessRuleProtection(bool isProtected, bool preserveInheritance);
+ public void SetAuditRuleProtection(bool isProtected, bool preserveInheritance);
+ public void SetGroup(IdentityReference identity);
+ public void SetOwner(IdentityReference identity);
+ public void SetSecurityDescriptorBinaryForm(byte[] binaryForm);
+ public void SetSecurityDescriptorBinaryForm(byte[] binaryForm, AccessControlSections includeSections);
+ public void SetSecurityDescriptorSddlForm(string sddlForm);
+ public void SetSecurityDescriptorSddlForm(string sddlForm, AccessControlSections includeSections);
+ protected void WriteLock();
+ protected void WriteUnlock();
+ }
+ public abstract class ObjectSecurity<T> : NativeObjectSecurity where T : struct, ValueType {
+ protected ObjectSecurity(bool isContainer, ResourceType resourceType);
+ protected ObjectSecurity(bool isContainer, ResourceType resourceType, SafeHandle safeHandle, AccessControlSections includeSections);
+ protected ObjectSecurity(bool isContainer, ResourceType resourceType, SafeHandle safeHandle, AccessControlSections includeSections, NativeObjectSecurity.ExceptionFromErrorCode exceptionFromErrorCode, object exceptionContext);
+ protected ObjectSecurity(bool isContainer, ResourceType resourceType, string name, AccessControlSections includeSections);
+ protected ObjectSecurity(bool isContainer, ResourceType resourceType, string name, AccessControlSections includeSections, NativeObjectSecurity.ExceptionFromErrorCode exceptionFromErrorCode, object exceptionContext);
+ public override Type AccessRightType { get; }
+ public override Type AccessRuleType { get; }
+ public override Type AuditRuleType { get; }
+ public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public virtual void AddAccessRule(AccessRule<T> rule);
+ public virtual void AddAuditRule(AuditRule<T> rule);
+ public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ protected internal void Persist(SafeHandle handle);
+ protected internal void Persist(string name);
+ public virtual bool RemoveAccessRule(AccessRule<T> rule);
+ public virtual void RemoveAccessRuleAll(AccessRule<T> rule);
+ public virtual void RemoveAccessRuleSpecific(AccessRule<T> rule);
+ public virtual bool RemoveAuditRule(AuditRule<T> rule);
+ public virtual void RemoveAuditRuleAll(AuditRule<T> rule);
+ public virtual void RemoveAuditRuleSpecific(AuditRule<T> rule);
+ public virtual void ResetAccessRule(AccessRule<T> rule);
+ public virtual void SetAccessRule(AccessRule<T> rule);
+ public virtual void SetAuditRule(AuditRule<T> rule);
+ }
+ public sealed class PrivilegeNotHeldException : UnauthorizedAccessException {
+ public PrivilegeNotHeldException();
+ public PrivilegeNotHeldException(string privilege);
+ public PrivilegeNotHeldException(string privilege, Exception inner);
+ public string PrivilegeName { get; }
+ }
+ public enum PropagationFlags {
+ InheritOnly = 2,
+ None = 0,
+ NoPropagateInherit = 1,
+ }
+ public abstract class QualifiedAce : KnownAce {
+ public AceQualifier AceQualifier { get; }
+ public bool IsCallback { get; }
+ public int OpaqueLength { get; }
+ public byte[] GetOpaque();
+ public void SetOpaque(byte[] opaque);
+ }
+ public sealed class RawAcl : GenericAcl {
+ public RawAcl(byte revision, int capacity);
+ public RawAcl(byte[] binaryForm, int offset);
+ public override int BinaryLength { get; }
+ public override int Count { get; }
+ public override byte Revision { get; }
+ public override GenericAce this[int index] { get; set; }
+ public override void GetBinaryForm(byte[] binaryForm, int offset);
+ public void InsertAce(int index, GenericAce ace);
+ public void RemoveAce(int index);
+ }
+ public sealed class RawSecurityDescriptor : GenericSecurityDescriptor {
+ public RawSecurityDescriptor(byte[] binaryForm, int offset);
+ public RawSecurityDescriptor(ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, RawAcl systemAcl, RawAcl discretionaryAcl);
+ public RawSecurityDescriptor(string sddlForm);
+ public override ControlFlags ControlFlags { get; }
+ public RawAcl DiscretionaryAcl { get; set; }
+ public override SecurityIdentifier Group { get; set; }
+ public override SecurityIdentifier Owner { get; set; }
+ public byte ResourceManagerControl { get; set; }
+ public RawAcl SystemAcl { get; set; }
+ public void SetFlags(ControlFlags flags);
+ }
+ public sealed class RegistryAccessRule : AccessRule {
+ public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, AccessControlType type);
+ public RegistryAccessRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public RegistryAccessRule(string identity, RegistryRights registryRights, AccessControlType type);
+ public RegistryAccessRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public RegistryRights RegistryRights { get; }
+ }
+ public sealed class RegistryAuditRule : AuditRule {
+ public RegistryAuditRule(IdentityReference identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public RegistryAuditRule(string identity, RegistryRights registryRights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public RegistryRights RegistryRights { get; }
+ }
+ public enum RegistryRights {
+ ChangePermissions = 262144,
+ CreateLink = 32,
+ CreateSubKey = 4,
+ Delete = 65536,
+ EnumerateSubKeys = 8,
+ ExecuteKey = 131097,
+ FullControl = 983103,
+ Notify = 16,
+ QueryValues = 1,
+ ReadKey = 131097,
+ ReadPermissions = 131072,
+ SetValue = 2,
+ TakeOwnership = 524288,
+ WriteKey = 131078,
+ }
+ public sealed class RegistrySecurity : NativeObjectSecurity {
+ public RegistrySecurity();
+ public override Type AccessRightType { get; }
+ public override Type AccessRuleType { get; }
+ public override Type AuditRuleType { get; }
+ public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public void AddAccessRule(RegistryAccessRule rule);
+ public void AddAuditRule(RegistryAuditRule rule);
+ public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public bool RemoveAccessRule(RegistryAccessRule rule);
+ public void RemoveAccessRuleAll(RegistryAccessRule rule);
+ public void RemoveAccessRuleSpecific(RegistryAccessRule rule);
+ public bool RemoveAuditRule(RegistryAuditRule rule);
+ public void RemoveAuditRuleAll(RegistryAuditRule rule);
+ public void RemoveAuditRuleSpecific(RegistryAuditRule rule);
+ public void ResetAccessRule(RegistryAccessRule rule);
+ public void SetAccessRule(RegistryAccessRule rule);
+ public void SetAuditRule(RegistryAuditRule rule);
+ }
+ public enum ResourceType {
+ DSObject = 8,
+ DSObjectAll = 9,
+ FileObject = 1,
+ KernelObject = 6,
+ LMShare = 5,
+ Printer = 3,
+ ProviderDefined = 10,
+ RegistryKey = 4,
+ RegistryWow6432Key = 12,
+ Service = 2,
+ Unknown = 0,
+ WindowObject = 7,
+ WmiGuidObject = 11,
+ }
+ public enum SecurityInfos {
+ DiscretionaryAcl = 4,
+ Group = 2,
+ Owner = 1,
+ SystemAcl = 8,
+ }
+ public sealed class SemaphoreAccessRule : AccessRule {
+ public SemaphoreAccessRule(IdentityReference identity, SemaphoreRights eventRights, AccessControlType type);
+ public SemaphoreAccessRule(string identity, SemaphoreRights eventRights, AccessControlType type);
+ public SemaphoreRights SemaphoreRights { get; }
+ }
+ public sealed class SemaphoreAuditRule : AuditRule {
+ public SemaphoreAuditRule(IdentityReference identity, SemaphoreRights eventRights, AuditFlags flags);
+ public SemaphoreRights SemaphoreRights { get; }
+ }
+ public enum SemaphoreRights {
+ ChangePermissions = 262144,
+ Delete = 65536,
+ FullControl = 2031619,
+ Modify = 2,
+ ReadPermissions = 131072,
+ Synchronize = 1048576,
+ TakeOwnership = 524288,
+ }
+ public sealed class SemaphoreSecurity : NativeObjectSecurity {
+ public SemaphoreSecurity();
+ public SemaphoreSecurity(string name, AccessControlSections includeSections);
+ public override Type AccessRightType { get; }
+ public override Type AccessRuleType { get; }
+ public override Type AuditRuleType { get; }
+ public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type);
+ public void AddAccessRule(SemaphoreAccessRule rule);
+ public void AddAuditRule(SemaphoreAuditRule rule);
+ public override AuditRule AuditRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags);
+ public bool RemoveAccessRule(SemaphoreAccessRule rule);
+ public void RemoveAccessRuleAll(SemaphoreAccessRule rule);
+ public void RemoveAccessRuleSpecific(SemaphoreAccessRule rule);
+ public bool RemoveAuditRule(SemaphoreAuditRule rule);
+ public void RemoveAuditRuleAll(SemaphoreAuditRule rule);
+ public void RemoveAuditRuleSpecific(SemaphoreAuditRule rule);
+ public void ResetAccessRule(SemaphoreAccessRule rule);
+ public void SetAccessRule(SemaphoreAccessRule rule);
+ public void SetAuditRule(SemaphoreAuditRule rule);
+ }
+ public sealed class SystemAcl : CommonAcl {
+ public SystemAcl(bool isContainer, bool isDS, byte revision, int capacity);
+ public SystemAcl(bool isContainer, bool isDS, int capacity);
+ public SystemAcl(bool isContainer, bool isDS, RawAcl rawAcl);
+ public void AddAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public void AddAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public void AddAudit(SecurityIdentifier sid, ObjectAuditRule rule);
+ public bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public bool RemoveAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public bool RemoveAudit(SecurityIdentifier sid, ObjectAuditRule rule);
+ public void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public void RemoveAuditSpecific(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public void RemoveAuditSpecific(SecurityIdentifier sid, ObjectAuditRule rule);
+ public void SetAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags);
+ public void SetAudit(AuditFlags auditFlags, SecurityIdentifier sid, int accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType);
+ public void SetAudit(SecurityIdentifier sid, ObjectAuditRule rule);
+ }
+}
```
Reference in a new issue View git blame Copy permalink