AGB  ·  Datenschutz  ·  Impressum  







Anmelden
Nützliche Links
Registrieren
Zurück Delphi-PRAXiS Programmierung allgemein Win32/Win64 API (native code) Delphi XXXAccessCheck and Callback+Object ACE Types
Thema durchsuchen
Ansicht
Themen-Optionen

XXXAccessCheck and Callback+Object ACE Types

Ein Thema von Dezipaitor · begonnen am 12. Jan 2008
Antwort Antwort
Dezipaitor

Registriert seit: 14. Apr 2003
Ort: Stuttgart
1.701 Beiträge
 
Delphi 7 Professional
 
#1

XXXAccessCheck and Callback+Object ACE Types

  Alt 12. Jan 2008, 00:44
hi

I'm creating object trees with different properties which also have different
permissions. Because this can depend on several other things, I also want to
use callback.

The AuthZ API with
AuthzInitializeResourceManager and AuthzCachedAccessCheck
looks good for me because AccessCheckXXXX do not seem to provide a callback
routine.


AuthzAccessCheck calls my callback funct if an ACE of type
ACCESS_ALLOWED_CALLBACK_ACE_TYPE is available -> added by AddAce
If an ACE of type ACCESS_ALLOWED_OBJECT_ACE_TYPE is available the object's
GUID is checked correctly -> added by AddAccessAllowedObjectAce

However:
If I add an ACE of type ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE (object +
callback) using AddAce (I could not find a function like
AddAccessAllowedCallbackObjectAce)
nothing happens and access is denied at all.
??? A possible solution may be to use AddAccessAllowedCallbackObjectAce and
then manipulate the type of the ACE?????

I'm using a library in Pascal that I created myself so I cannot give a single
example. But If you insist I will post the essential parts. But maybe
AccessCheck does not support such ACE types?

PS.
Did you know that AddAce seems to corrupt the ACL if one try to add a simple
object ACE? RtlValidACL returns false after the call to AddAce.
Using AddAccessAllowedObjectAce solves the problem. However:
ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE can be added by AddAce.

PPS.
I'm using Windows Vista 32bit (no SP). I do not consider the Windowsversion
as the source of problems (it should work with >=XP)

PPPS
Post in msdn forum
http://forums.microsoft.com/MSDN/Sho...67084&SiteID=1


Thanks for reply
----

Aus Faulheit poste ich hier in englisch, da ich es schon überall eigentlich gepostet habe. Man kann mir aber auch auf deutsch anwtorten.
Christian
Windows, Tokens, Access Control List, Dateisicherheit, Desktop, Vista Elevation?
Goto: JEDI API LIB & Windows Security Code Library (JWSCL)
  Mit Zitat antworten Zitat
Antwort Antwort


Forumregeln

Es ist dir nicht erlaubt, neue Themen zu verfassen.
Es ist dir nicht erlaubt, auf Beiträge zu antworten.
Es ist dir nicht erlaubt, Anhänge hochzuladen.
Es ist dir nicht erlaubt, deine Beiträge zu bearbeiten.

BB-Code ist an.
Smileys sind an.
[IMG] Code ist an.
HTML-Code ist aus.
Trackbacks are an
Pingbacks are an
Refbacks are aus

Gehe zu:

Impressum · AGB · Datenschutz · Nach oben
Alle Zeitangaben in WEZ +1. Es ist jetzt 12:51 Uhr.
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO © 2011, Crawlability, Inc.
Delphi-PRAXiS (c) 2002 - 2023 by Daniel R. Wolf, 2024 by Thomas Breitkreuz