[Win32utils-devel] Some more win32-security: SID.create

Heesob Park phasis at gmail.com
Tue Jul 8 23:12:47 EDT 2008


Hi,

2008/7/9 Berger, Daniel <Daniel.Berger at qwest.com>:
> Hi all,
>
> How does this look as a general approach to a SID.create method:
>
> # Creates and initializes
> def self.create(authority, *sub_authorities)
>   if sub_authorities.length > 8
>      raise ArgumentError, 'maximum of 8 subauthorities allowed'
>   end
>
>   authorities = Array.new(8, 0)
>   authorities.replace(sub_authorities)
>   count = authorities.select{ |e| e > 0 }.size
>
>   if count == 0
>      # Use InitializeSid()
>   else
>      # Use AllocateAndInitializeSid()
>   end
> end
>
> Any help actually implementing this method would also be greatly
> appreciated, as my attempts were not working out so well.
>
Here is an working code:

def self.create(authority, *sub_authorities)

  if sub_authorities.length > 8
     raise ArgumentError, "maximum of 8 subauthorities allowed"
  end

  sid = 0.chr * GetSidLengthRequired(sub_authorities.length+1)

  if [0,1,2,3,5].include?(authority)
      auth = 0.chr * 5 + authority.chr
      bool = InitializeSid(sid, auth, sub_authorities.length+1)
      unless bool
       raise Error, get_last_error
      end
      sub_authorities.each_index do |i|
         value = [sub_authorities[i]].pack('L')
         auth_ptr = GetSidSubAuthority(sid, i)
         memcpy(auth_ptr,value,4)
      end
  end
  sid
end


Above code works with GetSidSubAuthority definition like this:
API.new('GetSidSubAuthority', 'PL', 'L', 'advapi32')


Regards,

Park Heesob


More information about the win32utils-devel mailing list