Class: Win32::Security::SID

Inherits:
Object
  • Object
show all
Extended by:
Windows::Security::Functions
Includes:
Windows::Security::Constants, Windows::Security::Functions, Windows::Security::Structs
Defined in:
lib/win32/security/sid.rb

Overview

The SID class encapsulates a Security Identifier.

Constant Summary collapse

VERSION =

The version of the Win32::Security::SID class.

'0.2.5'
Null =

Some constant SID’s for your convenience, in string format. See support.microsoft.com/kb/243330 for details.

'S-1-0'
Nobody =
'S-1-0-0'
World =
'S-1-1'
Everyone =
'S-1-1-0'
Local =
'S-1-2'
Creator =
'S-1-3'
CreatorOwner =
'S-1-3-0'
CreatorGroup =
'S-1-3-1'
CreatorOwnerServer =
'S-1-3-2'
CreatorGroupServer =
'S-1-3-3'
NonUnique =
'S-1-4'
Nt =
'S-1-5'
Dialup =
'S-1-5-1'
Network =
'S-1-5-2'
Batch =
'S-1-5-3'
Interactive =
'S-1-5-4'
Service =
'S-1-5-6'
Anonymous =
'S-1-5-7'
Proxy =
'S-1-5-8'
EnterpriseDomainControllers =
'S-1-5-9'
PrincipalSelf =
'S-1-5-10'
AuthenticatedUsers =
'S-1-5-11'
RestrictedCode =
'S-1-5-12'
TerminalServerUsers =
'S-1-5-13'
LocalSystem =
'S-1-5-18'
NtLocal =
'S-1-5-19'
NtNetwork =
'S-1-5-20'
BuiltinAdministrators =
'S-1-5-32-544'
BuiltinUsers =
'S-1-5-32-545'
Guests =
'S-1-5-32-546'
PowerUsers =
'S-1-5-32-547'
AccountOperators =
'S-1-5-32-548'
ServerOperators =
'S-1-5-32-549'
PrintOperators =
'S-1-5-32-550'
BackupOperators =
'S-1-5-32-551'
Replicators =
'S-1-5-32-552'

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(account = nil, host = Socket.gethostname) ⇒ SID

Creates and returns a new Win32::Security::SID object, based on the account name, which may also be a binary SID. If a host is provided, then the information is retrieved from that host. Otherwise, the local host is used.

If no account is provided then it retrieves information for the user account associated with the calling thread and the host argument is ignored.

Note that this does NOT create a new SID, but merely retrieves information for an existing SID. To create a new SID, use the SID.create method.

Examples:

# Current user
Win32::Security::SID.new

# User 'john' on the localhost
Win32::Security::SID.new('john')

# User 'jane' on a remote machine
Win32::Security::SID.new('jane', 'some_host')

# Binary SID
Win32::Security::SID.new("\001\000\000\000\000\000\001\000\000\000\000")


183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
# File 'lib/win32/security/sid.rb', line 183

def initialize(=nil, host=Socket.gethostname)
  if .nil?
    begin
      if RUBY_PLATFORM == 'java' && ENV_JAVA['sun.arch.data.model'] == '64'
        ptr_type = :ulong_long
      else
        ptr_type = :uintptr_t
      end

      ptoken = FFI::MemoryPointer.new(ptr_type)

      # Try the thread token first, default to the process token.

      bool = OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, 1, ptoken)

      unless bool
        ptoken.clear
        unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, ptoken)
          FFI.raise_windows_error('OpenProcessToken')
        end
      end

      token = ptoken.read_pointer.to_i

      pinfo = FFI::MemoryPointer.new(:pointer)
      plength = FFI::MemoryPointer.new(:ulong)

      # First pass, just get the size needed (1 is TokenOwner)

      GetTokenInformation(token, 1, pinfo, pinfo.size, plength)

      pinfo = FFI::MemoryPointer.new(plength.read_ulong)
      plength.clear

      # Second pass, actual call (1 is TokenOwner)

      unless GetTokenInformation(token, 1, pinfo, pinfo.size, plength)
        FFI.raise_windows_error('GetTokenInformation')
      end

      token_info = pinfo.read_pointer
    ensure
      CloseHandle(token) if token
    end
  end

  ordinal_val =  ? [0].ord : nil

  sid = FFI::MemoryPointer.new(:uchar, 1024)
  sid_size = FFI::MemoryPointer.new(:ulong)
  sid_size.write_ulong(sid.size)

  domain = FFI::MemoryPointer.new(:uchar, 1024)
  domain_size = FFI::MemoryPointer.new(:ulong)
  domain_size.write_ulong(domain.size)

  use_ptr = FFI::MemoryPointer.new(:ulong)

  if ordinal_val.nil?
    bool = LookupAccountSid(
      nil,
      token_info,
      sid,
      sid_size,
      domain,
      domain_size,
      use_ptr
    )
    unless bool
      FFI.raise_windows_error('LookupAccountSid')
    end
  elsif ordinal_val < 10 # Assume it's a binary SID.

     = FFI::MemoryPointer.from_string()

    bool = LookupAccountSid(
      host.wincode,
      ,
      sid,
      sid_size,
      domain,
      domain_size,
      use_ptr
    )

    unless bool
      FFI.raise_windows_error('LookupAccountSid')
    end

    .free
  else
    bool = LookupAccountName(
      host.wincode,
      .wincode,
      sid,
      sid_size,
      domain,
      domain_size,
      use_ptr
    )
    unless bool
      FFI.raise_windows_error('LookupAccountName')
    end
  end

  # The arguments are flipped depending on which path we took

  if ordinal_val.nil?
    length = GetLengthSid(token_info)
    @sid = token_info.read_string(length)
    @account = sid.read_bytes(sid.size).wstrip
  elsif ordinal_val < 10
    @sid = 
    @account = sid.read_bytes(sid.size).wstrip
  else
    length = GetLengthSid(sid)
    @sid = sid.read_bytes(length)
    @account = 
  end


  @host   = host
  @domain = domain.read_bytes(domain.size).wstrip

  @account_type = (use_ptr.read_ulong)
end

Instance Attribute Details

#accountObject (readonly)

The account name passed to the constructor.



63
64
65
# File 'lib/win32/security/sid.rb', line 63

def 
  @account
end

#account_typeObject (readonly)

The SID account type, e.g. ‘user, ’group’, etc.



66
67
68
# File 'lib/win32/security/sid.rb', line 66

def 
  @account_type
end

#domainObject (readonly)

The domain the SID is on.



69
70
71
# File 'lib/win32/security/sid.rb', line 69

def domain
  @domain
end

#hostObject (readonly)

The host passed to the constructor, or the localhost if none was specified.



73
74
75
# File 'lib/win32/security/sid.rb', line 73

def host
  @host
end

#sidObject (readonly)

The binary SID object itself.



60
61
62
# File 'lib/win32/security/sid.rb', line 60

def sid
  @sid
end

Class Method Details

.create(authority, *sub_authorities) ⇒ Object

Creates a new SID with authority and up to 8 subauthorities, and returns new Win32::Security::SID object.

Example:

sec = Security::SID.create(
   Security::SID::SECURITY_WORLD_SID_AUTHORITY,
   Security::SID::SECURITY_WORLD_RID
)

p sec

#<Win32::Security::SID:0x2c5a95c
   @host="your_host",
   @account="Everyone",
   @account_type="well known group",
   @sid="\001\001\000\000\000\000\000\001\000\000\000\000",
   @domain=""
>


129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
# File 'lib/win32/security/sid.rb', line 129

def self.create(authority, *sub_authorities)
  if sub_authorities.length > 8
    raise ArgumentError, "maximum of 8 subauthorities allowed"
  end

  size = GetSidLengthRequired(sub_authorities.length)
  new_obj = nil

  FFI::MemoryPointer.new(:uchar, size) do |sid|
    auth = SID_IDENTIFIER_AUTHORITY.new
    auth[:Value][5] = authority

    unless InitializeSid(sid, auth, sub_authorities.length)
      FFI.raise_windows_error('InitializeSid')
    end

    sub_authorities.each_index do |i|
      ptr = GetSidSubAuthority(sid, i)
      ptr.write_ulong(sub_authorities[i])
    end

    new_obj = new(sid.read_string(size)) # Pass a binary string

  end

  new_obj
end

.open(account = nil, host = Socket.gethostname) ⇒ Object

Synonym for SID.new.



307
308
309
# File 'lib/win32/security/sid.rb', line 307

def self.open(=nil, host=Socket.gethostname)
  new(, host)
end

.sid_to_string(sid) ⇒ Object

Converts a binary SID to a string in S-R-I-S-S… format.



77
78
79
80
81
82
83
84
85
86
87
88
89
# File 'lib/win32/security/sid.rb', line 77

def self.sid_to_string(sid)
  result = nil

  FFI::MemoryPointer.new(:pointer) do |string_sid|
    unless ConvertSidToStringSid(sid, string_sid)
      FFI.raise_windows_error('ConvertSidToStringSid')
    end

    result = string_sid.read_pointer.read_string
  end

  result
end

.string_to_sid(string) ⇒ Object

Converts a string in S-R-I-S-S… format back to a binary SID.



93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# File 'lib/win32/security/sid.rb', line 93

def self.string_to_sid(string)
  result = nil

  FFI::MemoryPointer.new(:pointer) do |sid|
    unless ConvertStringSidToSid(string, sid)
      FFI.raise_windows_error('ConvertStringSidToSid')
    end

    ptr = sid.read_pointer

    result = ptr.read_bytes(GetLengthSid(ptr))
  end

  result
end

Instance Method Details

#==(other) ⇒ Object

Returns whether or not the SID object is equal to other.



332
333
334
# File 'lib/win32/security/sid.rb', line 332

def ==(other)
  EqualSid(@sid, other.sid)
end

#lengthObject

Returns the length of the SID object, in bytes.



357
358
359
# File 'lib/win32/security/sid.rb', line 357

def length
  GetLengthSid(@sid)
end

#to_sObject Also known as: to_str

Returns the binary SID in string format suitable for display, storage or transmission.



314
315
316
317
318
319
320
321
322
323
324
325
326
# File 'lib/win32/security/sid.rb', line 314

def to_s
  string = nil

  FFI::MemoryPointer.new(:pointer) do |ptr|
    unless ConvertSidToStringSid(@sid, ptr)
      FFI.raise_windows_error('ConvertSidToStringSid')
    end

    string = ptr.read_pointer.read_string
  end

  string
end

#valid?Boolean

Returns whether or not the SID is a valid sid.

Returns:

  • (Boolean)


338
339
340
# File 'lib/win32/security/sid.rb', line 338

def valid?
  IsValidSid(@sid)
end

#well_known?Boolean

Returns whether or not the SID is a well known SID.

Requires Windows XP or later. Earlier versions will raise a NoMethodError.

Returns:

  • (Boolean)


347
348
349
350
351
352
353
# File 'lib/win32/security/sid.rb', line 347

def well_known?
  if defined? IsWellKnownSid
    IsWellKnownSid(@sid)
  else
    raise NoMethodError, 'requires Windows XP or later'
  end
end