Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

security.idl

Visit:

Last change on this file was 732, checked in by Silvan Scherrer, 13 years ago
Samba Server 3.5: update branche to 3.5.12
File size: 18.5 KB

Line
1	#include "idl_types.h"
2
3	/*
4	security IDL structures
5	*/
6
7	import "misc.idl";
8
9	/*
10	use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really
11	just a dom sid, but with the sub_auths represented as a conformant
12	array. As with all in-structure conformant arrays, the array length
13	is placed before the start of the structure. That's what gives rise
14	to the extra num_auths elemenent. We don't want the Samba code to
15	have to bother with such esoteric NDR details, so its easier to just
16	define it as a dom_sid and use pidl magic to make it all work. It
17	just means you need to mark a sid as a "dom_sid2" in the IDL when you
18	know it is of the conformant array variety
19	*/
20	cpp_quote("#define dom_sid2 dom_sid")
21
22	/* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */
23	cpp_quote("#define dom_sid28 dom_sid")
24
25	/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */
26	cpp_quote("#define dom_sid0 dom_sid")
27
28	[
29	pyhelper("librpc/ndr/py_security.c"),
30	pointer_default(unique)
31	]
32	interface security
33	{
34
35	typedef [public,gensize,noprint,nosize,nopull,nopush] struct {
36	uint8 sid_rev_num; /*< SID revision number /
37	[range(0,15)] int8 num_auths; /*< Number of sub-authorities /
38	uint8 id_auth[6]; /*< Identifier Authority /
39	uint32 sub_auths[15];
40	} dom_sid;
41	/*
42	access masks are divided up like this:
43	0xabccdddd
44	where
45	a = generic rights bits SEC_GENERIC_
46	b = flags SEC_FLAG_
47	c = standard rights bits SEC_STD_
48	d = object type specific bits SEC_{FILE,DIR,REG,xxx}_
49
50	common combinations of bits are prefixed with SEC_RIGHTS_
51	*/
52	const int SEC_MASK_GENERIC = 0xF0000000;
53	const int SEC_MASK_FLAGS = 0x0F000000;
54	const int SEC_MASK_STANDARD = 0x00FF0000;
55	const int SEC_MASK_SPECIFIC = 0x0000FFFF;
56
57	/* generic bits */
58	const int SEC_GENERIC_ALL = 0x10000000;
59	const int SEC_GENERIC_EXECUTE = 0x20000000;
60	const int SEC_GENERIC_WRITE = 0x40000000;
61	const int SEC_GENERIC_READ = 0x80000000;
62
63	/* flag bits */
64	const int SEC_FLAG_SYSTEM_SECURITY = 0x01000000;
65	const int SEC_FLAG_MAXIMUM_ALLOWED = 0x02000000;
66
67	/* standard bits */
68	const int SEC_STD_DELETE = 0x00010000;
69	const int SEC_STD_READ_CONTROL = 0x00020000;
70	const int SEC_STD_WRITE_DAC = 0x00040000;
71	const int SEC_STD_WRITE_OWNER = 0x00080000;
72	const int SEC_STD_SYNCHRONIZE = 0x00100000;
73	const int SEC_STD_REQUIRED = 0x000F0000;
74	const int SEC_STD_ALL = 0x001F0000;
75
76	/* file specific bits */
77	const int SEC_FILE_READ_DATA = 0x00000001;
78	const int SEC_FILE_WRITE_DATA = 0x00000002;
79	const int SEC_FILE_APPEND_DATA = 0x00000004;
80	const int SEC_FILE_READ_EA = 0x00000008;
81	const int SEC_FILE_WRITE_EA = 0x00000010;
82	const int SEC_FILE_EXECUTE = 0x00000020;
83	const int SEC_FILE_READ_ATTRIBUTE = 0x00000080;
84	const int SEC_FILE_WRITE_ATTRIBUTE = 0x00000100;
85	const int SEC_FILE_ALL = 0x000001ff;
86
87	/* directory specific bits */
88	const int SEC_DIR_LIST = 0x00000001;
89	const int SEC_DIR_ADD_FILE = 0x00000002;
90	const int SEC_DIR_ADD_SUBDIR = 0x00000004;
91	const int SEC_DIR_READ_EA = 0x00000008;
92	const int SEC_DIR_WRITE_EA = 0x00000010;
93	const int SEC_DIR_TRAVERSE = 0x00000020;
94	const int SEC_DIR_DELETE_CHILD = 0x00000040;
95	const int SEC_DIR_READ_ATTRIBUTE = 0x00000080;
96	const int SEC_DIR_WRITE_ATTRIBUTE = 0x00000100;
97
98	/* registry entry specific bits */
99	const int SEC_REG_QUERY_VALUE = 0x00000001;
100	const int SEC_REG_SET_VALUE = 0x00000002;
101	const int SEC_REG_CREATE_SUBKEY = 0x00000004;
102	const int SEC_REG_ENUM_SUBKEYS = 0x00000008;
103	const int SEC_REG_NOTIFY = 0x00000010;
104	const int SEC_REG_CREATE_LINK = 0x00000020;
105
106	/* ldap specific access bits */
107	const int SEC_ADS_CREATE_CHILD = 0x00000001;
108	const int SEC_ADS_DELETE_CHILD = 0x00000002;
109	const int SEC_ADS_LIST = 0x00000004;
110	const int SEC_ADS_SELF_WRITE = 0x00000008;
111	const int SEC_ADS_READ_PROP = 0x00000010;
112	const int SEC_ADS_WRITE_PROP = 0x00000020;
113	const int SEC_ADS_DELETE_TREE = 0x00000040;
114	const int SEC_ADS_LIST_OBJECT = 0x00000080;
115	const int SEC_ADS_CONTROL_ACCESS = 0x00000100;
116
117	/* invalid bits */
118	const int SEC_MASK_INVALID = 0x0ce0fe00;
119
120	/* generic->specific mappings for files */
121	const int SEC_RIGHTS_FILE_READ = SEC_STD_READ_CONTROL \|
122	SEC_STD_SYNCHRONIZE \|
123	SEC_FILE_READ_DATA \|
124	SEC_FILE_READ_ATTRIBUTE \|
125	SEC_FILE_READ_EA;
126
127	const int SEC_RIGHTS_FILE_WRITE = SEC_STD_READ_CONTROL \|
128	SEC_STD_SYNCHRONIZE \|
129	SEC_FILE_WRITE_DATA \|
130	SEC_FILE_WRITE_ATTRIBUTE \|
131	SEC_FILE_WRITE_EA \|
132	SEC_FILE_APPEND_DATA;
133
134	const int SEC_RIGHTS_FILE_EXECUTE = SEC_STD_SYNCHRONIZE \|
135	SEC_STD_READ_CONTROL \|
136	SEC_FILE_READ_ATTRIBUTE \|
137	SEC_FILE_EXECUTE;
138
139	const int SEC_RIGHTS_FILE_ALL = SEC_STD_ALL \| SEC_FILE_ALL;
140
141	/* generic->specific mappings for directories (same as files) */
142	const int SEC_RIGHTS_DIR_READ = SEC_RIGHTS_FILE_READ;
143	const int SEC_RIGHTS_DIR_WRITE = SEC_RIGHTS_FILE_WRITE;
144	const int SEC_RIGHTS_DIR_EXECUTE = SEC_RIGHTS_FILE_EXECUTE;
145	const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL;
146
147	/* rights granted by some specific privileges */
148	const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL \|
149	SEC_FLAG_SYSTEM_SECURITY \|
150	SEC_GENERIC_READ;
151	const int SEC_RIGHTS_DIR_PRIV_BACKUP = SEC_RIGHTS_PRIV_BACKUP
152	\| SEC_DIR_TRAVERSE;
153
154	const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC \|
155	SEC_STD_WRITE_OWNER \|
156	SEC_FLAG_SYSTEM_SECURITY \|
157	SEC_STD_DELETE;
158	const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE \|
159	SEC_DIR_ADD_FILE \|
160	SEC_DIR_ADD_SUBDIR;
161
162	/* combinations of standard masks. */
163	const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */
164	const int STANDARD_RIGHTS_MODIFY_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
165	const int STANDARD_RIGHTS_EXECUTE_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
166	const int STANDARD_RIGHTS_READ_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
167	const int STANDARD_RIGHTS_WRITE_ACCESS =
168	(SEC_STD_WRITE_OWNER \|
169	SEC_STD_WRITE_DAC \|
170	SEC_STD_DELETE); /* 0x000d0000 */
171	const int STANDARD_RIGHTS_REQUIRED_ACCESS =
172	(SEC_STD_DELETE \|
173	SEC_STD_READ_CONTROL \|
174	SEC_STD_WRITE_DAC \|
175	SEC_STD_WRITE_OWNER); /* 0x000f0000 */
176
177	/* generic->specific mappings for Directory Service objects */
178	/* directory specific part of GENERIC_ALL */
179	const int SEC_ADS_GENERIC_ALL_DS =
180	(SEC_STD_DELETE \|
181	SEC_STD_WRITE_DAC \|
182	SEC_STD_WRITE_OWNER \|
183	SEC_ADS_CREATE_CHILD \|
184	SEC_ADS_DELETE_CHILD \|
185	SEC_ADS_DELETE_TREE \|
186	SEC_ADS_CONTROL_ACCESS);
187	const int SEC_ADS_GENERIC_EXECUTE = SEC_STD_READ_CONTROL \| SEC_ADS_LIST;
188	const int SEC_ADS_GENERIC_WRITE =
189	(SEC_STD_READ_CONTROL \|
190	SEC_ADS_SELF_WRITE \|
191	SEC_ADS_WRITE_PROP);
192	const int SEC_ADS_GENERIC_READ =
193	(SEC_STD_READ_CONTROL \|
194	SEC_ADS_LIST \|
195	SEC_ADS_READ_PROP \|
196	SEC_ADS_LIST_OBJECT);
197	const int SEC_ADS_GENERIC_ALL =
198	(SEC_ADS_GENERIC_EXECUTE \|
199	SEC_ADS_GENERIC_WRITE \|
200	SEC_ADS_GENERIC_READ \|
201	SEC_ADS_GENERIC_ALL_DS);
202
203	/***************************************************************/
204	/* WELL KNOWN SIDS */
205
206	/* a NULL sid */
207	const string SID_NULL = "S-1-0-0";
208
209	/* the world domain */
210	const string NAME_WORLD = "WORLD";
211
212	const string SID_WORLD_DOMAIN = "S-1-1";
213	const string SID_WORLD = "S-1-1-0";
214
215	/* SECURITY_CREATOR_SID_AUTHORITY */
216	const string SID_CREATOR_OWNER_DOMAIN = "S-1-3";
217	const string SID_CREATOR_OWNER = "S-1-3-0";
218	const string SID_CREATOR_GROUP = "S-1-3-1";
219	const string SID_OWNER_RIGHTS = "S-1-3-4";
220
221	/* SECURITY_NT_AUTHORITY */
222	const string NAME_NT_AUTHORITY = "NT AUTHORITY";
223
224	const string SID_NT_AUTHORITY = "S-1-5";
225	const string SID_NT_DIALUP = "S-1-5-1";
226	const string SID_NT_NETWORK = "S-1-5-2";
227	const string SID_NT_BATCH = "S-1-5-3";
228	const string SID_NT_INTERACTIVE = "S-1-5-4";
229	const string SID_NT_SERVICE = "S-1-5-6";
230	const string SID_NT_ANONYMOUS = "S-1-5-7";
231	const string SID_NT_PROXY = "S-1-5-8";
232	const string SID_NT_ENTERPRISE_DCS = "S-1-5-9";
233	const string SID_NT_SELF = "S-1-5-10";
234	const string SID_NT_AUTHENTICATED_USERS = "S-1-5-11";
235	const string SID_NT_RESTRICTED = "S-1-5-12";
236	const string SID_NT_TERMINAL_SERVER_USERS = "S-1-5-13";
237	const string SID_NT_REMOTE_INTERACTIVE = "S-1-5-14";
238	const string SID_NT_THIS_ORGANISATION = "S-1-5-15";
239	const string SID_NT_IUSR = "S-1-5-17";
240	const string SID_NT_SYSTEM = "S-1-5-18";
241	const string SID_NT_LOCAL_SERVICE = "S-1-5-19";
242	const string SID_NT_NETWORK_SERVICE = "S-1-5-20";
243	const string SID_NT_DIGEST_AUTHENTICATION = "S-1-5-64-21";
244	const string SID_NT_NTLM_AUTHENTICATION = "S-1-5-64-10";
245	const string SID_NT_SCHANNEL_AUTHENTICATION = "S-1-5-64-14";
246	const string SID_NT_OTHER_ORGANISATION = "S-1-5-1000";
247
248	/* SECURITY_BUILTIN_DOMAIN_RID */
249	const string NAME_BUILTIN = "BUILTIN";
250
251	const string SID_BUILTIN = "S-1-5-32";
252	const string SID_BUILTIN_ADMINISTRATORS = "S-1-5-32-544";
253	const string SID_BUILTIN_USERS = "S-1-5-32-545";
254	const string SID_BUILTIN_GUESTS = "S-1-5-32-546";
255	const string SID_BUILTIN_POWER_USERS = "S-1-5-32-547";
256	const string SID_BUILTIN_ACCOUNT_OPERATORS = "S-1-5-32-548";
257	const string SID_BUILTIN_SERVER_OPERATORS = "S-1-5-32-549";
258	const string SID_BUILTIN_PRINT_OPERATORS = "S-1-5-32-550";
259	const string SID_BUILTIN_BACKUP_OPERATORS = "S-1-5-32-551";
260	const string SID_BUILTIN_REPLICATOR = "S-1-5-32-552";
261	const string SID_BUILTIN_RAS_SERVERS = "S-1-5-32-553";
262	const string SID_BUILTIN_PREW2K = "S-1-5-32-554";
263	const string SID_BUILTIN_REMOTE_DESKTOP_USERS = "S-1-5-32-555";
264	const string SID_BUILTIN_NETWORK_CONF_OPERATORS = "S-1-5-32-556";
265
266	/* well-known domain RIDs */
267	const int DOMAIN_RID_LOGON = 9;
268	const int DOMAIN_RID_ADMINISTRATOR = 500;
269	const int DOMAIN_RID_GUEST = 501;
270	const int DOMAIN_RID_KRBTGT = 502;
271	const int DOMAIN_RID_ADMINS = 512;
272	const int DOMAIN_RID_USERS = 513;
273	const int DOMAIN_RID_GUESTS = 514;
274	const int DOMAIN_RID_DOMAIN_MEMBERS = 515;
275	const int DOMAIN_RID_DCS = 516;
276	const int DOMAIN_RID_CERT_ADMINS = 517;
277	const int DOMAIN_RID_SCHEMA_ADMINS = 518;
278	const int DOMAIN_RID_ENTERPRISE_ADMINS = 519;
279	const int DOMAIN_RID_POLICY_ADMINS = 520;
280
281
282	/*
283	privilege IDs. Please keep the IDs below 64. If we get more
284	than 64 then we need to change security_token
285	*/
286	typedef enum {
287	SEC_PRIV_SECURITY = 1,
288	SEC_PRIV_BACKUP = 2,
289	SEC_PRIV_RESTORE = 3,
290	SEC_PRIV_SYSTEMTIME = 4,
291	SEC_PRIV_SHUTDOWN = 5,
292	SEC_PRIV_REMOTE_SHUTDOWN = 6,
293	SEC_PRIV_TAKE_OWNERSHIP = 7,
294	SEC_PRIV_DEBUG = 8,
295	SEC_PRIV_SYSTEM_ENVIRONMENT = 9,
296	SEC_PRIV_SYSTEM_PROFILE = 10,
297	SEC_PRIV_PROFILE_SINGLE_PROCESS = 11,
298	SEC_PRIV_INCREASE_BASE_PRIORITY = 12,
299	SEC_PRIV_LOAD_DRIVER = 13,
300	SEC_PRIV_CREATE_PAGEFILE = 14,
301	SEC_PRIV_INCREASE_QUOTA = 15,
302	SEC_PRIV_CHANGE_NOTIFY = 16,
303	SEC_PRIV_UNDOCK = 17,
304	SEC_PRIV_MANAGE_VOLUME = 18,
305	SEC_PRIV_IMPERSONATE = 19,
306	SEC_PRIV_CREATE_GLOBAL = 20,
307	SEC_PRIV_ENABLE_DELEGATION = 21,
308	SEC_PRIV_INTERACTIVE_LOGON = 22,
309	SEC_PRIV_NETWORK_LOGON = 23,
310	SEC_PRIV_REMOTE_INTERACTIVE_LOGON = 24,
311	SEC_PRIV_MACHINE_ACCOUNT = 25
312	} sec_privilege;
313
314
315	typedef [public,bitmap8bit] bitmap {
316	SEC_ACE_FLAG_OBJECT_INHERIT = 0x01,
317	SEC_ACE_FLAG_CONTAINER_INHERIT = 0x02,
318	SEC_ACE_FLAG_NO_PROPAGATE_INHERIT = 0x04,
319	SEC_ACE_FLAG_INHERIT_ONLY = 0x08,
320	SEC_ACE_FLAG_INHERITED_ACE = 0x10,
321	SEC_ACE_FLAG_VALID_INHERIT = 0x0f,
322	SEC_ACE_FLAG_SUCCESSFUL_ACCESS = 0x40,
323	SEC_ACE_FLAG_FAILED_ACCESS = 0x80
324	} security_ace_flags;
325
326	typedef [public,enum8bit] enum {
327	SEC_ACE_TYPE_ACCESS_ALLOWED = 0,
328	SEC_ACE_TYPE_ACCESS_DENIED = 1,
329	SEC_ACE_TYPE_SYSTEM_AUDIT = 2,
330	SEC_ACE_TYPE_SYSTEM_ALARM = 3,
331	SEC_ACE_TYPE_ALLOWED_COMPOUND = 4,
332	SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT = 5,
333	SEC_ACE_TYPE_ACCESS_DENIED_OBJECT = 6,
334	SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT = 7,
335	SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT = 8
336	} security_ace_type;
337
338	typedef [bitmap32bit] bitmap {
339	SEC_ACE_OBJECT_TYPE_PRESENT = 0x00000001,
340	SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT = 0x00000002
341	} security_ace_object_flags;
342
343	typedef [nodiscriminant] union {
344	/* this is the 'schemaIDGUID' attribute of the attribute object in the schema naming context */
345	[case(SEC_ACE_OBJECT_TYPE_PRESENT)] GUID type;
346	[default];
347	} security_ace_object_type;
348
349	typedef [nodiscriminant] union {
350	/* this is the 'schemaIDGUID' attribute of the objectclass object in the schema naming context
351	* (of the parent container)
352	*/
353	[case(SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] GUID inherited_type;
354	[default];
355	} security_ace_object_inherited_type;
356
357	typedef struct {
358	security_ace_object_flags flags;
359	[switch_is(flags & SEC_ACE_OBJECT_TYPE_PRESENT)] security_ace_object_type type;
360	[switch_is(flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] security_ace_object_inherited_type inherited_type;
361	} security_ace_object;
362
363	typedef [public,nodiscriminant] union {
364	[case(SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT)] security_ace_object object;
365	[case(SEC_ACE_TYPE_ACCESS_DENIED_OBJECT)] security_ace_object object;
366	[case(SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT)] security_ace_object object;
367	[case(SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT)] security_ace_object object;
368	[default];
369	} security_ace_object_ctr;
370
371	typedef [public,nopull,gensize,nosize] struct {
372	security_ace_type type; /* SEC_ACE_TYPE_* */
373	security_ace_flags flags; /* SEC_ACE_FLAG_* */
374	[value(ndr_size_security_ace(r,ndr->iconv_convenience,ndr->flags))] uint16 size;
375	uint32 access_mask;
376	[switch_is(type)] security_ace_object_ctr object;
377	dom_sid trustee;
378	} security_ace;
379
380	typedef enum {
381	SECURITY_ACL_REVISION_NT4 = 2,
382	SECURITY_ACL_REVISION_ADS = 4
383	} security_acl_revision;
384
385	const uint NT4_ACL_REVISION = SECURITY_ACL_REVISION_NT4;
386
387	typedef [public,gensize,nosize] struct {
388	security_acl_revision revision;
389	[value(ndr_size_security_acl(r,ndr->iconv_convenience,ndr->flags))] uint16 size;
390	[range(0,1000)] uint32 num_aces;
391	security_ace aces[num_aces];
392	} security_acl;
393
394	/* default revision for new ACLs */
395	typedef [public,enum8bit] enum {
396	SECURITY_DESCRIPTOR_REVISION_1 = 1
397	} security_descriptor_revision;
398
399	const int SD_REVISION = SECURITY_DESCRIPTOR_REVISION_1;
400
401	/* security_descriptor->type bits */
402	typedef [public,bitmap16bit] bitmap {
403	SEC_DESC_OWNER_DEFAULTED = 0x0001,
404	SEC_DESC_GROUP_DEFAULTED = 0x0002,
405	SEC_DESC_DACL_PRESENT = 0x0004,
406	SEC_DESC_DACL_DEFAULTED = 0x0008,
407	SEC_DESC_SACL_PRESENT = 0x0010,
408	SEC_DESC_SACL_DEFAULTED = 0x0020,
409	SEC_DESC_DACL_TRUSTED = 0x0040,
410	SEC_DESC_SERVER_SECURITY = 0x0080,
411	SEC_DESC_DACL_AUTO_INHERIT_REQ = 0x0100,
412	SEC_DESC_SACL_AUTO_INHERIT_REQ = 0x0200,
413	SEC_DESC_DACL_AUTO_INHERITED = 0x0400,
414	SEC_DESC_SACL_AUTO_INHERITED = 0x0800,
415	SEC_DESC_DACL_PROTECTED = 0x1000,
416	SEC_DESC_SACL_PROTECTED = 0x2000,
417	SEC_DESC_RM_CONTROL_VALID = 0x4000,
418	SEC_DESC_SELF_RELATIVE = 0x8000
419	} security_descriptor_type;
420
421	typedef [gensize,nosize,public,flag(NDR_LITTLE_ENDIAN)] struct {
422	security_descriptor_revision revision;
423	security_descriptor_type type; /* SEC_DESC_xxxx flags */
424	[relative] dom_sid *owner_sid;
425	[relative] dom_sid *group_sid;
426	[relative] security_acl sacl; / system ACL */
427	[relative] security_acl dacl; / user (discretionary) ACL */
428	} security_descriptor;
429
430	typedef [public] struct {
431	[range(0,0x40000),value(ndr_size_security_descriptor(sd,ndr->iconv_convenience,ndr->flags))] uint32 sd_size;
432	[subcontext(4)] security_descriptor *sd;
433	} sec_desc_buf;
434
435	typedef [public] struct {
436	dom_sid *user_sid;
437	dom_sid *group_sid;
438	uint32 num_sids;
439	[size_is(num_sids)] dom_sid sids[];
440	udlong privilege_mask;
441	security_acl *default_dacl;
442	} security_token;
443
444	/* bits that determine which parts of a security descriptor
445	are being queried/set */
446	typedef [public,bitmap32bit] bitmap {
447	SECINFO_OWNER = 0x00000001,
448	SECINFO_GROUP = 0x00000002,
449	SECINFO_DACL = 0x00000004,
450	SECINFO_SACL = 0x00000008,
451	SECINFO_LABEL = 0x00000010,
452	SECINFO_UNPROTECTED_SACL = 0x10000000,
453	SECINFO_UNPROTECTED_DACL = 0x20000000,
454	SECINFO_PROTECTED_SACL = 0x40000000,
455	SECINFO_PROTECTED_DACL = 0x80000000
456	} security_secinfo;
457
458	typedef [public,bitmap32bit] bitmap {
459	KERB_ENCTYPE_DES_CBC_CRC = 0x00000001,
460	KERB_ENCTYPE_DES_CBC_MD5 = 0x00000002,
461	KERB_ENCTYPE_RC4_HMAC_MD5 = 0x00000004,
462	KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
463	KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
464	} kerb_EncTypes;
465
466	typedef [public,bitmap32bit] bitmap {
467	SEC_DACL_AUTO_INHERIT = 0x00000001,
468	SEC_SACL_AUTO_INHERIT = 0x00000002,
469	SEC_DEFAULT_DESCRIPTOR = 0x00000004,
470	SEC_OWNER_FROM_PARENT = 0x00000008,
471	SEC_GROUP_FROM_PARENT = 0x00000010
472	} security_autoinherit;
473	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: branches/samba-3.5.x/librpc/idl/security.idl

Download in other formats: