2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "librpc/gen_ndr/ndr_security.h"
28 enum sec_privilege privilege;
30 } privilege_names[] = {
31 {SEC_PRIV_SECURITY, "SeSecurityPrivilege"},
32 {SEC_PRIV_BACKUP, "SeBackupPrivilege"},
33 {SEC_PRIV_RESTORE, "SeRestorePrivilege"},
34 {SEC_PRIV_SYSTEMTIME, "SeSystemtimePrivilege"},
35 {SEC_PRIV_SHUTDOWN, "SeShutdownPrivilege"},
36 {SEC_PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege"},
37 {SEC_PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege"},
38 {SEC_PRIV_DEBUG, "SeDebugPrivilege"},
39 {SEC_PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege"},
40 {SEC_PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege"},
41 {SEC_PRIV_PROFILE_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege"},
42 {SEC_PRIV_INCREASE_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege"},
43 {SEC_PRIV_LOAD_DRIVER, "SeLoadDriverPrivilege"},
44 {SEC_PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege"},
45 {SEC_PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege"},
46 {SEC_PRIV_CHANGE_NOTIFY, "SeChangeNotifyPrivilege"},
47 {SEC_PRIV_UNDOCK, "SeUndockPrivilege"},
48 {SEC_PRIV_MANAGE_VOLUME, "SeManageVolumePrivilege"},
49 {SEC_PRIV_IMPERSONATE, "SeImpersonatePrivilege"},
50 {SEC_PRIV_CREATE_GLOBAL, "SeCreateGlobalPrivilege"},
51 {SEC_PRIV_ENABLE_DELEGATION, "SeEnableDelegationPrivilege"},
52 {SEC_PRIV_INTERACTIVE_LOGON, "SeInteractiveLogonRight"},
53 {SEC_PRIV_NETWORK_LOGON, "SeNetworkLogonRight"},
54 {SEC_PRIV_REMOTE_INTERACTIVE_LOGON, "SeRemoteInteractiveLogonRight"}
59 map a privilege id to the wire string constant
61 const char *sec_privilege_name(unsigned int privilege)
64 for (i=0;i<ARRAY_SIZE(privilege_names);i++) {
65 if (privilege_names[i].privilege == privilege) {
66 return privilege_names[i].name;
73 map a privilege name to a privilege id. Return -1 if not found
75 int sec_privilege_id(const char *name)
78 for (i=0;i<ARRAY_SIZE(privilege_names);i++) {
79 if (strcasecmp(privilege_names[i].name, name) == 0) {
80 return (int)privilege_names[i].privilege;
88 return True if a security_token has a particular privilege bit set
90 BOOL sec_privilege_check(const struct security_token *token, unsigned int privilege)
93 mask <<= (privilege-1);
94 if (token->privilege_mask & mask) {
101 set a bit in the privilege mask
103 void sec_privilege_set(struct security_token *token, unsigned int privilege)
106 mask <<= (privilege-1);
107 token->privilege_mask |= mask;