home *** CD-ROM | disk | FTP | other *** search
/ Chip 2004 July / CMCD0704.ISO / Software / Shareware / Comunicatii / jyte / jyte.exe / ntsecuritycon.py < prev    next >
Text File  |  2003-06-30  |  8KB  |  250 lines
  1. # Hacked from winnt.h
  2.  
  3. DELETE = (65536)
  4. READ_CONTROL = (131072)
  5. WRITE_DAC = (262144)
  6. WRITE_OWNER = (524288)
  7. SYNCHRONIZE = (1048576)
  8. STANDARD_RIGHTS_REQUIRED = (983040)
  9. STANDARD_RIGHTS_READ = (READ_CONTROL)
  10. STANDARD_RIGHTS_WRITE = (READ_CONTROL)
  11. STANDARD_RIGHTS_EXECUTE = (READ_CONTROL)
  12. STANDARD_RIGHTS_ALL = (2031616)
  13. SPECIFIC_RIGHTS_ALL = (65535)
  14. ACCESS_SYSTEM_SECURITY = (16777216)
  15. MAXIMUM_ALLOWED = (33554432)
  16. GENERIC_READ = (-2147483648)
  17. GENERIC_WRITE = (1073741824)
  18. GENERIC_EXECUTE = (536870912)
  19. GENERIC_ALL = (268435456)
  20.  
  21. # file security permissions
  22. FILE_READ_DATA=            ( 1 )
  23. FILE_LIST_DIRECTORY=       ( 1 )
  24. FILE_WRITE_DATA=           ( 2 )
  25. FILE_ADD_FILE=             ( 2 )
  26. FILE_APPEND_DATA=          ( 4 )
  27. FILE_ADD_SUBDIRECTORY=     ( 4 )
  28. FILE_CREATE_PIPE_INSTANCE= ( 4 )
  29. FILE_READ_EA=              ( 8 )
  30. FILE_WRITE_EA=             ( 16 )
  31. FILE_EXECUTE=              ( 32 )
  32. FILE_TRAVERSE=             ( 32 )
  33. FILE_DELETE_CHILD=         ( 64 )
  34. FILE_READ_ATTRIBUTES=      ( 128 )
  35. FILE_WRITE_ATTRIBUTES=     ( 256 )
  36. FILE_ALL_ACCESS=           (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 1023)
  37. FILE_GENERIC_READ=         (STANDARD_RIGHTS_READ | FILE_READ_DATA | FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE)
  38. FILE_GENERIC_WRITE=        (STANDARD_RIGHTS_WRITE | FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | FILE_APPEND_DATA | SYNCHRONIZE)
  39. FILE_GENERIC_EXECUTE=      (STANDARD_RIGHTS_EXECUTE | FILE_READ_ATTRIBUTES | FILE_EXECUTE | SYNCHRONIZE)
  40.  
  41.  
  42. SECURITY_NULL_SID_AUTHORITY = (0,0,0,0,0,0)
  43. SECURITY_WORLD_SID_AUTHORITY = (0,0,0,0,0,1)
  44. SECURITY_LOCAL_SID_AUTHORITY = (0,0,0,0,0,2)
  45. SECURITY_CREATOR_SID_AUTHORITY = (0,0,0,0,0,3)
  46. SECURITY_NON_UNIQUE_AUTHORITY = (0,0,0,0,0,4)
  47.  
  48. SECURITY_NULL_RID                 = 0
  49. SECURITY_WORLD_RID                = 0
  50. SECURITY_LOCAL_RID                = 0X00000000
  51.  
  52. SECURITY_CREATOR_OWNER_RID        = 0
  53. SECURITY_CREATOR_GROUP_RID        = 1
  54.  
  55. SECURITY_CREATOR_OWNER_SERVER_RID = 2
  56. SECURITY_CREATOR_GROUP_SERVER_RID = 3
  57.  
  58.  
  59. # NT well-known SIDs
  60. SECURITY_NT_AUTHORITY = (0,0,0,0,0,5)
  61.  
  62. SECURITY_DIALUP_RID             = 1
  63. SECURITY_NETWORK_RID            = 2
  64. SECURITY_BATCH_RID              = 3
  65. SECURITY_INTERACTIVE_RID        = 4
  66. SECURITY_SERVICE_RID            = 6
  67. SECURITY_ANONYMOUS_LOGON_RID    = 7
  68. SECURITY_PROXY_RID              = 8
  69. SECURITY_SERVER_LOGON_RID       = 9
  70.  
  71. SECURITY_LOGON_IDS_RID          = 5
  72. SECURITY_LOGON_IDS_RID_COUNT    = 3
  73.  
  74. SECURITY_LOCAL_SYSTEM_RID       = 18
  75.  
  76. SECURITY_NT_NON_UNIQUE          = 21
  77.  
  78. SECURITY_BUILTIN_DOMAIN_RID     = 32
  79.  
  80. # well-known domain relative sub-authority values (RIDs)...
  81. DOMAIN_USER_RID_ADMIN          = 500
  82. DOMAIN_USER_RID_GUEST          = 501
  83.  
  84.  
  85.  
  86. # well-known groups ...
  87.  
  88. DOMAIN_GROUP_RID_ADMINS        = 512
  89. DOMAIN_GROUP_RID_USERS         = 513
  90. DOMAIN_GROUP_RID_GUESTS        = 514
  91.  
  92.  
  93.  
  94.  
  95. # well-known aliases ...
  96.  
  97. DOMAIN_ALIAS_RID_ADMINS        = 544
  98. DOMAIN_ALIAS_RID_USERS         = 545
  99. DOMAIN_ALIAS_RID_GUESTS        = 546
  100. DOMAIN_ALIAS_RID_POWER_USERS   = 547
  101.  
  102. DOMAIN_ALIAS_RID_ACCOUNT_OPS   = 548
  103. DOMAIN_ALIAS_RID_SYSTEM_OPS    = 549
  104. DOMAIN_ALIAS_RID_PRINT_OPS     = 550
  105. DOMAIN_ALIAS_RID_BACKUP_OPS    = 551
  106.  
  107. DOMAIN_ALIAS_RID_REPLICATOR    = 552
  108.  
  109. SYSTEM_LUID                    = (999, 0)
  110.  
  111. # Group attributes
  112.  
  113. SE_GROUP_MANDATORY              = 1
  114. SE_GROUP_ENABLED_BY_DEFAULT     = 2
  115. SE_GROUP_ENABLED                = 4
  116. SE_GROUP_OWNER                  = 8
  117. SE_GROUP_LOGON_ID               = -1073741824
  118.  
  119.  
  120. # User attributes
  121. # (None yet defined.)
  122.  
  123. ACCESS_ALLOWED_ACE_TYPE          = 0
  124. ACCESS_DENIED_ACE_TYPE           = 1
  125. SYSTEM_AUDIT_ACE_TYPE            = 2
  126. SYSTEM_ALARM_ACE_TYPE            = 3
  127.  
  128.  
  129. #  The following are the inherit flags that go into the AceFlags field
  130. #  of an Ace header.
  131.  
  132. OBJECT_INHERIT_ACE               = 1
  133. CONTAINER_INHERIT_ACE            = 2
  134. NO_PROPAGATE_INHERIT_ACE         = 4
  135. INHERIT_ONLY_ACE                 = 8
  136. VALID_INHERIT_FLAGS              = 15
  137.  
  138.  
  139. SUCCESSFUL_ACCESS_ACE_FLAG       = 64
  140. FAILED_ACCESS_ACE_FLAG           = 128
  141.  
  142. SE_OWNER_DEFAULTED               = 1
  143. SE_GROUP_DEFAULTED               = 2
  144. SE_DACL_PRESENT                  = 4
  145. SE_DACL_DEFAULTED                = 8
  146. SE_SACL_PRESENT                  = 16
  147. SE_SACL_DEFAULTED                = 32
  148. SE_SELF_RELATIVE                 = 32768
  149.  
  150.  
  151. SE_PRIVILEGE_ENABLED_BY_DEFAULT = 1
  152. SE_PRIVILEGE_ENABLED            = 2
  153. SE_PRIVILEGE_USED_FOR_ACCESS    = -2147483648
  154.  
  155. PRIVILEGE_SET_ALL_NECESSARY    = 1
  156.  
  157. #               NT Defined Privileges
  158.  
  159. SE_CREATE_TOKEN_NAME              = "SeCreateTokenPrivilege"
  160. SE_ASSIGNPRIMARYTOKEN_NAME        = "SeAssignPrimaryTokenPrivilege"
  161. SE_LOCK_MEMORY_NAME               = "SeLockMemoryPrivilege"
  162. SE_INCREASE_QUOTA_NAME            = "SeIncreaseQuotaPrivilege"
  163. SE_UNSOLICITED_INPUT_NAME         = "SeUnsolicitedInputPrivilege"
  164. SE_MACHINE_ACCOUNT_NAME           = "SeMachineAccountPrivilege"
  165. SE_TCB_NAME                       = "SeTcbPrivilege"
  166. SE_SECURITY_NAME                  = "SeSecurityPrivilege"
  167. SE_TAKE_OWNERSHIP_NAME            = "SeTakeOwnershipPrivilege"
  168. SE_LOAD_DRIVER_NAME               = "SeLoadDriverPrivilege"
  169. SE_SYSTEM_PROFILE_NAME            = "SeSystemProfilePrivilege"
  170. SE_SYSTEMTIME_NAME                = "SeSystemtimePrivilege"
  171. SE_PROF_SINGLE_PROCESS_NAME       = "SeProfileSingleProcessPrivilege"
  172. SE_INC_BASE_PRIORITY_NAME         = "SeIncreaseBasePriorityPrivilege"
  173. SE_CREATE_PAGEFILE_NAME           = "SeCreatePagefilePrivilege"
  174. SE_CREATE_PERMANENT_NAME          = "SeCreatePermanentPrivilege"
  175. SE_BACKUP_NAME                    = "SeBackupPrivilege"
  176. SE_RESTORE_NAME                   = "SeRestorePrivilege"
  177. SE_SHUTDOWN_NAME                  = "SeShutdownPrivilege"
  178. SE_DEBUG_NAME                     = "SeDebugPrivilege"
  179. SE_AUDIT_NAME                     = "SeAuditPrivilege"
  180. SE_SYSTEM_ENVIRONMENT_NAME        = "SeSystemEnvironmentPrivilege"
  181. SE_CHANGE_NOTIFY_NAME             = "SeChangeNotifyPrivilege"
  182. SE_REMOTE_SHUTDOWN_NAME           = "SeRemoteShutdownPrivilege"
  183.  
  184.  
  185. # Enum SECURITY_IMPERSONATION_LEVEL:
  186. SecurityAnonymous = 0
  187. SecurityIdentification = 1
  188. SecurityImpersonation = 2
  189. SecurityDelegation = 3
  190.  
  191. SECURITY_MAX_IMPERSONATION_LEVEL = SecurityDelegation
  192.  
  193. DEFAULT_IMPERSONATION_LEVEL = SecurityImpersonation
  194.  
  195. TOKEN_ASSIGN_PRIMARY    = 1
  196. TOKEN_DUPLICATE         = 2
  197. TOKEN_IMPERSONATE       = 4
  198. TOKEN_QUERY             = 8
  199. TOKEN_QUERY_SOURCE      = 16
  200. TOKEN_ADJUST_PRIVILEGES = 32
  201. TOKEN_ADJUST_GROUPS     = 64
  202. TOKEN_ADJUST_DEFAULT    = 128
  203.  
  204. TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED  |\
  205.                           TOKEN_ASSIGN_PRIMARY      |\
  206.                           TOKEN_DUPLICATE           |\
  207.                           TOKEN_IMPERSONATE         |\
  208.                           TOKEN_QUERY               |\
  209.                           TOKEN_QUERY_SOURCE        |\
  210.                           TOKEN_ADJUST_PRIVILEGES   |\
  211.                           TOKEN_ADJUST_GROUPS       |\
  212.                           TOKEN_ADJUST_DEFAULT)
  213.  
  214.  
  215. TOKEN_READ       = (STANDARD_RIGHTS_READ      |\
  216.                           TOKEN_QUERY)
  217.  
  218.  
  219. TOKEN_WRITE      = (STANDARD_RIGHTS_WRITE     |\
  220.                           TOKEN_ADJUST_PRIVILEGES   |\
  221.                           TOKEN_ADJUST_GROUPS       |\
  222.                           TOKEN_ADJUST_DEFAULT)
  223.  
  224. TOKEN_EXECUTE    = (STANDARD_RIGHTS_EXECUTE)
  225.  
  226. SidTypeUser = 1
  227. SidTypeGroup = 2
  228. SidTypeDomain =3
  229. SidTypeAlias = 4
  230. SidTypeWellKnownGroup = 5
  231. SidTypeDeletedAccount = 6
  232. SidTypeInvalid = 7
  233. SidTypeUnknown = 8
  234.  
  235. # Token types
  236. TokenPrimary = 1
  237. TokenImpersonation = 2
  238.  
  239. TokenUser = 1
  240. TokenGroups = 2
  241. TokenPrivileges = 3
  242. TokenOwner = 4
  243. TokenPrimaryGroup = 5
  244. TokenDefaultDacl = 6
  245. TokenSource = 7
  246. TokenType = 8
  247. TokenImpersonationLevel = 9
  248. TokenStatistics = 10
  249.  
  250.