[Win32utils-devel] Some more win32-security: SID.create

Berger, Daniel Daniel.Berger at qwest.com
Fri Jul 11 09:35:24 EDT 2008


 

> -----Original Message-----
> From: win32utils-devel-bounces at rubyforge.org 
> [mailto:win32utils-devel-bounces at rubyforge.org] On Behalf Of 
> Heesob Park
> Sent: Thursday, July 10, 2008 10:27 PM
> To: Development and ideas for win32utils projects
> Subject: Re: [Win32utils-devel] Some more win32-security: SID.create
> 
> Hi,
> 
> 2008/7/11 Daniel Berger <djberg96 at gmail.com>:
> > Hi,
> >
> > <snip>
> >
> >> That is just ruby version of the following code:
> >>
> >>       long j;
> >>        for( j = 2; j <= lcAuths+1; j++)
> >>        {
> >>            DWORD dwValue = (DWORD)atol(pAuths[j]);
> >>            PDWORD pdwSubAuth = GetSidSubAuthority( 
> pLocalSid, (j-2));
> >>            *pdwSubAuth = dwValue;
> >>        }
> >>
> >> Why do you think that did nothing?
> >
> > I guess I misread it. Nevermind. :)
> >
> > I did remove the [0,1,2,3,5] loop, though.
> >
> > I do need some help with testing please. I've added some 
> more tests in 
> > CVS, but I wasn't sure what a good way was to test SID.create with 
> > subauthorities. Any suggestions?
> >
> I guess SID.create test with Well-known SIDs is possible.
> Refer to http://msdn.microsoft.com/en-us/library/aa379649(VS.85).aspx

After adding some RID constants to Windows::Security (now in CVS) I
tried this:

include Win32

s = Security::SID.create(
   Security::SID::SECURITY_WORLD_SID_AUTHORITY,
   Security::SID::SECURITY_WORLD_RID
)

p s

But I get:

C:\Documents and
Settings\djberge\workspace\win32-security\lib\win32\security>ruby sid.rb
sid.rb:151:in `initialize': No mapping between account names and
security IDs was done. (Win32::Security::SID:
:Error)
        from sid.rb:89:in `new'
        from sid.rb:89:in `create'
        from sid.rb:231

I suspect I don't understand the Windows security model as well as I
should. Perhaps I should order this book:

"Programming Windows Security"

http://www.bookpool.com/sm/0201604426

It's a bit dated, but probably has everything I need. Does anyone have
any opinion on this book?

Thanks,

Dan




This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful.  If you have received this communication 
in error, please immediately notify the sender by reply e-mail and destroy 
all copies of the communication and any attachments.


More information about the win32utils-devel mailing list