1/* 2 Unix SMB/CIFS implementation. 3 SMB parameters and setup 4 Copyright (C) Andrew Tridgell 1992-2000 5 Copyright (C) Luke Kenneth Casson Leighton 1996-2000 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License as published by 9 the Free Software Foundation; either version 2 of the License, or 10 (at your option) any later version. 11 12 This program is distributed in the hope that it will be useful, 13 but WITHOUT ANY WARRANTY; without even the implied warranty of 14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 GNU General Public License for more details. 16 17 You should have received a copy of the GNU General Public License 18 along with this program; if not, write to the Free Software 19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 20*/ 21 22#ifndef _RPC_SECDES_H /* _RPC_SECDES_H */ 23#define _RPC_SECDES_H 24 25#define SEC_RIGHTS_QUERY_VALUE 0x00000001 26#define SEC_RIGHTS_SET_VALUE 0x00000002 27#define SEC_RIGHTS_CREATE_SUBKEY 0x00000004 28#define SEC_RIGHTS_ENUM_SUBKEYS 0x00000008 29#define SEC_RIGHTS_NOTIFY 0x00000010 30#define SEC_RIGHTS_CREATE_LINK 0x00000020 31#define SEC_RIGHTS_READ 0x00020019 32#define SEC_RIGHTS_FULL_CONTROL 0x000f003f 33#define SEC_RIGHTS_MAXIMUM_ALLOWED 0x02000000 34 35/* for ADS */ 36#define SEC_RIGHTS_LIST_CONTENTS 0x4 37#define SEC_RIGHTS_LIST_OBJECT 0x80 38#define SEC_RIGHTS_READ_ALL_PROP 0x10 39#define SEC_RIGHTS_READ_PERMS 0x20000 40#define SEC_RIGHTS_WRITE_ALL_VALID 0x8 41#define SEC_RIGHTS_WRITE_ALL_PROP 0x20 42#define SEC_RIGHTS_MODIFY_OWNER 0x80000 43#define SEC_RIGHTS_MODIFY_PERMS 0x40000 44#define SEC_RIGHTS_CREATE_CHILD 0x1 45#define SEC_RIGHTS_DELETE_CHILD 0x2 46#define SEC_RIGHTS_DELETE_SUBTREE 0x40 47#define SEC_RIGHTS_DELETE 0x10000 /* advanced/special/object/delete */ 48#define SEC_RIGHTS_EXTENDED 0x100 /* change/reset password, receive/send as*/ 49#define SEC_RIGHTS_CHANGE_PASSWD SEC_RIGHTS_EXTENDED 50#define SEC_RIGHTS_RESET_PASSWD SEC_RIGHTS_EXTENDED 51#define SEC_RIGHTS_FULL_CTRL 0xf01ff 52 53#define SEC_ACE_OBJECT_PRESENT 0x00000001 /* thanks for Jim McDonough <jmcd@us.ibm.com> */ 54#define SEC_ACE_OBJECT_INHERITED_PRESENT 0x00000002 55 56#define SEC_ACE_FLAG_OBJECT_INHERIT 0x1 57#define SEC_ACE_FLAG_CONTAINER_INHERIT 0x2 58#define SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0x4 59#define SEC_ACE_FLAG_INHERIT_ONLY 0x8 60#define SEC_ACE_FLAG_INHERITED_ACE 0x10 /* New for Windows 2000 */ 61#define SEC_ACE_FLAG_VALID_INHERIT 0xf 62#define SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0x40 63#define SEC_ACE_FLAG_FAILED_ACCESS 0x80 64 65#define SEC_ACE_TYPE_ACCESS_ALLOWED 0x0 66#define SEC_ACE_TYPE_ACCESS_DENIED 0x1 67#define SEC_ACE_TYPE_SYSTEM_AUDIT 0x2 68#define SEC_ACE_TYPE_SYSTEM_ALARM 0x3 69#define SEC_ACE_TYPE_ALLOWED_COMPOUND 0x4 70#define SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT 0x5 71#define SEC_ACE_TYPE_ACCESS_DENIED_OBJECT 0x6 72#define SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT 0x7 73#define SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT 0x8 74 75#define SEC_DESC_OWNER_DEFAULTED 0x0001 76#define SEC_DESC_GROUP_DEFAULTED 0x0002 77#define SEC_DESC_DACL_PRESENT 0x0004 78#define SEC_DESC_DACL_DEFAULTED 0x0008 79#define SEC_DESC_SACL_PRESENT 0x0010 80#define SEC_DESC_SACL_DEFAULTED 0x0020 81#define SEC_DESC_DACL_TRUSTED 0x0040 82#define SEC_DESC_SERVER_SECURITY 0x0080 83/* 84 * New Windows 2000 bits. 85 */ 86#define SE_DESC_DACL_AUTO_INHERIT_REQ 0x0100 87#define SE_DESC_SACL_AUTO_INHERIT_REQ 0x0200 88#define SE_DESC_DACL_AUTO_INHERITED 0x0400 89#define SE_DESC_SACL_AUTO_INHERITED 0x0800 90#define SE_DESC_DACL_PROTECTED 0x1000 91#define SE_DESC_SACL_PROTECTED 0x2000 92 93/* Don't know what this means. */ 94#define SEC_DESC_RM_CONTROL_VALID 0x4000 95 96#define SEC_DESC_SELF_RELATIVE 0x8000 97 98/* security information */ 99#define OWNER_SECURITY_INFORMATION 0x00000001 100#define GROUP_SECURITY_INFORMATION 0x00000002 101#define DACL_SECURITY_INFORMATION 0x00000004 102#define SACL_SECURITY_INFORMATION 0x00000008 103/* Extra W2K flags. */ 104#define UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000 105#define UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000 106#define PROTECTED_SACL_SECURITY_INFORMATION 0x40000000 107#define PROTECTED_DACL_SECURITY_INFORMATION 0x80000000 108 109#define ALL_SECURITY_INFORMATION (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|\ 110 DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION|\ 111 UNPROTECTED_SACL_SECURITY_INFORMATION|\ 112 UNPROTECTED_DACL_SECURITY_INFORMATION|\ 113 PROTECTED_SACL_SECURITY_INFORMATION|\ 114 PROTECTED_DACL_SECURITY_INFORMATION) 115 116/* SEC_ACCESS */ 117typedef struct security_info_info 118{ 119 uint32 mask; 120 121} SEC_ACCESS; 122 123/* SEC_ACE */ 124typedef struct security_ace_info 125{ 126 uint8 type; /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */ 127 uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */ 128 uint16 size; 129 130 SEC_ACCESS info; 131 132 /* this stuff may be present when type is XXXX_TYPE_XXXX_OBJECT */ 133 uint32 obj_flags; /* xxxx_ACE_OBJECT_xxxx e.g present/inherited present etc */ 134 struct uuid obj_guid; /* object GUID */ 135 struct uuid inh_guid; /* inherited object GUID */ 136 /* eof object stuff */ 137 138 DOM_SID trustee; 139 140} SEC_ACE; 141#define SEC_ACE_HEADER_SIZE (2 * sizeof(uint8) + sizeof(uint16) + sizeof(uint32)) 142 143#ifndef ACL_REVISION 144#define ACL_REVISION 0x3 145#endif 146 147#ifndef NT4_ACL_REVISION 148#define NT4_ACL_REVISION 0x2 149#endif 150 151#ifndef _SEC_ACL 152/* SEC_ACL */ 153typedef struct security_acl_info 154{ 155 uint16 revision; /* 0x0003 */ 156 uint16 size; /* size in bytes of the entire ACL structure */ 157 uint32 num_aces; /* number of Access Control Entries */ 158 159 SEC_ACE *ace; 160 161} SEC_ACL; 162#define SEC_ACL_HEADER_SIZE (2 * sizeof(uint16) + sizeof(uint32)) 163#define _SEC_ACL 164#endif 165 166#ifndef SEC_DESC_REVISION 167#define SEC_DESC_REVISION 0x1 168#endif 169 170#ifndef _SEC_DESC 171/* SEC_DESC */ 172typedef struct security_descriptor_info 173{ 174 uint16 revision; /* 0x0001 */ 175 uint16 type; /* SEC_DESC_xxxx flags */ 176 177 uint32 off_owner_sid; /* offset to owner sid */ 178 uint32 off_grp_sid ; /* offset to group sid */ 179 uint32 off_sacl ; /* offset to system list of permissions */ 180 uint32 off_dacl ; /* offset to list of permissions */ 181 182 SEC_ACL *dacl; /* user ACL */ 183 SEC_ACL *sacl; /* system ACL */ 184 DOM_SID *owner_sid; 185 DOM_SID *grp_sid; 186 187} SEC_DESC; 188#define SEC_DESC_HEADER_SIZE (2 * sizeof(uint16) + 4 * sizeof(uint32)) 189#define _SEC_DESC 190#endif 191 192#ifndef _SEC_DESC_BUF 193/* SEC_DESC_BUF */ 194typedef struct sec_desc_buf_info 195{ 196 uint32 max_len; 197 uint32 ptr; 198 uint32 len; 199 200 SEC_DESC *sec; 201 202} SEC_DESC_BUF; 203#define _SEC_DESC_BUF 204#endif 205 206/* A type to describe the mapping of generic access rights to object 207 specific access rights. */ 208 209typedef struct generic_mapping { 210 uint32 generic_read; 211 uint32 generic_write; 212 uint32 generic_execute; 213 uint32 generic_all; 214} GENERIC_MAPPING; 215 216typedef struct standard_mapping { 217 uint32 std_read; 218 uint32 std_write; 219 uint32 std_execute; 220 uint32 std_all; 221} STANDARD_MAPPING; 222 223 224/* Security Access Masks Rights */ 225 226#define SPECIFIC_RIGHTS_MASK 0x0000FFFF 227#define STANDARD_RIGHTS_MASK 0x00FF0000 228#define GENERIC_RIGHTS_MASK 0xF0000000 229 230#define SEC_RIGHT_SYSTEM_SECURITY 0x01000000 231#define SEC_RIGHT_MAXIMUM_ALLOWED 0x02000000 232 233/* Generic access rights */ 234 235#define GENERIC_RIGHT_ALL_ACCESS 0x10000000 236#define GENERIC_RIGHT_EXECUTE_ACCESS 0x20000000 237#define GENERIC_RIGHT_WRITE_ACCESS 0x40000000 238#define GENERIC_RIGHT_READ_ACCESS 0x80000000 239 240/* Standard access rights. */ 241 242#define STD_RIGHT_DELETE_ACCESS 0x00010000 243#define STD_RIGHT_READ_CONTROL_ACCESS 0x00020000 244#define STD_RIGHT_WRITE_DAC_ACCESS 0x00040000 245#define STD_RIGHT_WRITE_OWNER_ACCESS 0x00080000 246#define STD_RIGHT_SYNCHRONIZE_ACCESS 0x00100000 247 248#define STD_RIGHT_ALL_ACCESS 0x001F0000 249 250/* Combinations of standard masks. */ 251#define STANDARD_RIGHTS_ALL_ACCESS STD_RIGHT_ALL_ACCESS /* 0x001f0000 */ 252#define STANDARD_RIGHTS_EXECUTE_ACCESS STD_RIGHT_READ_CONTROL_ACCESS /* 0x00020000 */ 253#define STANDARD_RIGHTS_READ_ACCESS STD_RIGHT_READ_CONTROL_ACCESS /* 0x00020000 */ 254#define STANDARD_RIGHTS_WRITE_ACCESS \ 255 (STD_RIGHT_WRITE_OWNER_ACCESS | \ 256 STD_RIGHT_WRITE_DAC_ACCESS | \ 257 STD_RIGHT_DELETE_ACCESS) /* 0x000d0000 */ 258#define STANDARD_RIGHTS_REQUIRED_ACCESS \ 259 (STD_RIGHT_DELETE_ACCESS | \ 260 STD_RIGHT_READ_CONTROL_ACCESS | \ 261 STD_RIGHT_WRITE_DAC_ACCESS | \ 262 STD_RIGHT_WRITE_OWNER_ACCESS) /* 0x000f0000 */ 263 264/* File Object specific access rights */ 265 266#define SA_RIGHT_FILE_READ_DATA 0x00000001 267#define SA_RIGHT_FILE_WRITE_DATA 0x00000002 268#define SA_RIGHT_FILE_APPEND_DATA 0x00000004 269#define SA_RIGHT_FILE_READ_EA 0x00000008 270#define SA_RIGHT_FILE_WRITE_EA 0x00000010 271#define SA_RIGHT_FILE_EXECUTE 0x00000020 272#define SA_RIGHT_FILE_DELETE_CHILD 0x00000040 273#define SA_RIGHT_FILE_READ_ATTRIBUTES 0x00000080 274#define SA_RIGHT_FILE_WRITE_ATTRIBUTES 0x00000100 275 276#define SA_RIGHT_FILE_ALL_ACCESS 0x000001FF 277 278#define GENERIC_RIGHTS_FILE_ALL_ACCESS \ 279 (STANDARD_RIGHTS_REQUIRED_ACCESS| \ 280 STD_RIGHT_SYNCHRONIZE_ACCESS | \ 281 SA_RIGHT_FILE_ALL_ACCESS) 282 283#define GENERIC_RIGHTS_FILE_READ \ 284 (STANDARD_RIGHTS_READ_ACCESS | \ 285 STD_RIGHT_SYNCHRONIZE_ACCESS | \ 286 SA_RIGHT_FILE_READ_DATA | \ 287 SA_RIGHT_FILE_READ_ATTRIBUTES | \ 288 SA_RIGHT_FILE_READ_EA) 289 290#define GENERIC_RIGHTS_FILE_WRITE \ 291 (STANDARD_RIGHTS_WRITE_ACCESS | \ 292 STD_RIGHT_SYNCHRONIZE_ACCESS | \ 293 SA_RIGHT_FILE_WRITE_DATA | \ 294 SA_RIGHT_FILE_WRITE_ATTRIBUTES | \ 295 SA_RIGHT_FILE_WRITE_EA | \ 296 SA_RIGHT_FILE_APPEND_DATA) 297 298#define GENERIC_RIGHTS_FILE_EXECUTE \ 299 (STANDARD_RIGHTS_EXECUTE_ACCESS | \ 300 SA_RIGHT_FILE_READ_ATTRIBUTES | \ 301 SA_RIGHT_FILE_EXECUTE) 302 303 304/* SAM server specific access rights */ 305 306#define SA_RIGHT_SAM_CONNECT_SERVER 0x00000001 307#define SA_RIGHT_SAM_SHUTDOWN_SERVER 0x00000002 308#define SA_RIGHT_SAM_INITIALISE_SERVER 0x00000004 309#define SA_RIGHT_SAM_CREATE_DOMAIN 0x00000008 310#define SA_RIGHT_SAM_ENUM_DOMAINS 0x00000010 311#define SA_RIGHT_SAM_OPEN_DOMAIN 0x00000020 312 313#define SA_RIGHT_SAM_ALL_ACCESS 0x0000003F 314 315#define GENERIC_RIGHTS_SAM_ALL_ACCESS \ 316 (STANDARD_RIGHTS_REQUIRED_ACCESS| \ 317 SA_RIGHT_SAM_ALL_ACCESS) 318 319#define GENERIC_RIGHTS_SAM_READ \ 320 (STANDARD_RIGHTS_READ_ACCESS | \ 321 SA_RIGHT_SAM_ENUM_DOMAINS) 322 323#define GENERIC_RIGHTS_SAM_WRITE \ 324 (STANDARD_RIGHTS_WRITE_ACCESS | \ 325 SA_RIGHT_SAM_CREATE_DOMAIN | \ 326 SA_RIGHT_SAM_INITIALISE_SERVER | \ 327 SA_RIGHT_SAM_SHUTDOWN_SERVER) 328 329#define GENERIC_RIGHTS_SAM_EXECUTE \ 330 (STANDARD_RIGHTS_EXECUTE_ACCESS | \ 331 SA_RIGHT_SAM_OPEN_DOMAIN | \ 332 SA_RIGHT_SAM_CONNECT_SERVER) 333 334 335/* Domain Object specific access rights */ 336 337#define SA_RIGHT_DOMAIN_LOOKUP_INFO_1 0x00000001 338#define SA_RIGHT_DOMAIN_SET_INFO_1 0x00000002 339#define SA_RIGHT_DOMAIN_LOOKUP_INFO_2 0x00000004 340#define SA_RIGHT_DOMAIN_SET_INFO_2 0x00000008 341#define SA_RIGHT_DOMAIN_CREATE_USER 0x00000010 342#define SA_RIGHT_DOMAIN_CREATE_GROUP 0x00000020 343#define SA_RIGHT_DOMAIN_CREATE_ALIAS 0x00000040 344#define SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM 0x00000080 345#define SA_RIGHT_DOMAIN_ENUM_ACCOUNTS 0x00000100 346#define SA_RIGHT_DOMAIN_OPEN_ACCOUNT 0x00000200 347#define SA_RIGHT_DOMAIN_SET_INFO_3 0x00000400 348 349#define SA_RIGHT_DOMAIN_ALL_ACCESS 0x000007FF 350 351#define GENERIC_RIGHTS_DOMAIN_ALL_ACCESS \ 352 (STANDARD_RIGHTS_REQUIRED_ACCESS| \ 353 SA_RIGHT_DOMAIN_ALL_ACCESS) 354 355#define GENERIC_RIGHTS_DOMAIN_READ \ 356 (STANDARD_RIGHTS_READ_ACCESS | \ 357 SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM | \ 358 SA_RIGHT_DOMAIN_LOOKUP_INFO_2) 359 360#define GENERIC_RIGHTS_DOMAIN_WRITE \ 361 (STANDARD_RIGHTS_WRITE_ACCESS | \ 362 SA_RIGHT_DOMAIN_SET_INFO_3 | \ 363 SA_RIGHT_DOMAIN_CREATE_ALIAS | \ 364 SA_RIGHT_DOMAIN_CREATE_GROUP | \ 365 SA_RIGHT_DOMAIN_CREATE_USER | \ 366 SA_RIGHT_DOMAIN_SET_INFO_2 | \ 367 SA_RIGHT_DOMAIN_SET_INFO_1) 368 369#define GENERIC_RIGHTS_DOMAIN_EXECUTE \ 370 (STANDARD_RIGHTS_EXECUTE_ACCESS | \ 371 SA_RIGHT_DOMAIN_OPEN_ACCOUNT | \ 372 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS | \ 373 SA_RIGHT_DOMAIN_LOOKUP_INFO_1) 374 375 376/* User Object specific access rights */ 377 378#define SA_RIGHT_USER_GET_NAME_ETC 0x00000001 379#define SA_RIGHT_USER_GET_LOCALE 0x00000002 380#define SA_RIGHT_USER_SET_LOC_COM 0x00000004 381#define SA_RIGHT_USER_GET_LOGONINFO 0x00000008 382#define SA_RIGHT_USER_ACCT_FLAGS_EXPIRY 0x00000010 383#define SA_RIGHT_USER_SET_ATTRIBUTES 0x00000020 384#define SA_RIGHT_USER_CHANGE_PASSWORD 0x00000040 385#define SA_RIGHT_USER_SET_PASSWORD 0x00000080 386#define SA_RIGHT_USER_GET_GROUPS 0x00000100 387#define SA_RIGHT_USER_READ_GROUP_MEM 0x00000200 388#define SA_RIGHT_USER_CHANGE_GROUP_MEM 0x00000400 389 390#define SA_RIGHT_USER_ALL_ACCESS 0x000007FF 391 392#define GENERIC_RIGHTS_USER_ALL_ACCESS \ 393 (STANDARD_RIGHTS_REQUIRED_ACCESS| \ 394 SA_RIGHT_USER_ALL_ACCESS) /* 0x000f07ff */ 395 396#define GENERIC_RIGHTS_USER_READ \ 397 (STANDARD_RIGHTS_READ_ACCESS | \ 398 SA_RIGHT_USER_READ_GROUP_MEM | \ 399 SA_RIGHT_USER_GET_GROUPS | \ 400 SA_RIGHT_USER_ACCT_FLAGS_EXPIRY | \ 401 SA_RIGHT_USER_GET_LOGONINFO | \ 402 SA_RIGHT_USER_GET_LOCALE) /* 0x0002031a */ 403 404#define GENERIC_RIGHTS_USER_WRITE \ 405 (STANDARD_RIGHTS_WRITE_ACCESS | \ 406 SA_RIGHT_USER_CHANGE_PASSWORD | \ 407 SA_RIGHT_USER_SET_LOC_COM | \ 408 SA_RIGHT_USER_SET_ATTRIBUTES | \ 409 SA_RIGHT_USER_SET_PASSWORD | \ 410 SA_RIGHT_USER_CHANGE_GROUP_MEM) /* 0x000204e4 */ 411 412#define GENERIC_RIGHTS_USER_EXECUTE \ 413 (STANDARD_RIGHTS_EXECUTE_ACCESS | \ 414 SA_RIGHT_USER_CHANGE_PASSWORD | \ 415 SA_RIGHT_USER_GET_NAME_ETC ) /* 0x00020041 */ 416 417 418/* Group Object specific access rights */ 419 420#define SA_RIGHT_GROUP_LOOKUP_INFO 0x00000001 421#define SA_RIGHT_GROUP_SET_INFO 0x00000002 422#define SA_RIGHT_GROUP_ADD_MEMBER 0x00000004 423#define SA_RIGHT_GROUP_REMOVE_MEMBER 0x00000008 424#define SA_RIGHT_GROUP_GET_MEMBERS 0x00000010 425 426#define SA_RIGHT_GROUP_ALL_ACCESS 0x0000001F 427 428#define GENERIC_RIGHTS_GROUP_ALL_ACCESS \ 429 (STANDARD_RIGHTS_REQUIRED_ACCESS| \ 430 SA_RIGHT_GROUP_ALL_ACCESS) /* 0x000f001f */ 431 432#define GENERIC_RIGHTS_GROUP_READ \ 433 (STANDARD_RIGHTS_READ_ACCESS | \ 434 SA_RIGHT_GROUP_GET_MEMBERS) /* 0x00020010 */ 435 436#define GENERIC_RIGHTS_GROUP_WRITE \ 437 (STANDARD_RIGHTS_WRITE_ACCESS | \ 438 SA_RIGHT_GROUP_REMOVE_MEMBER | \ 439 SA_RIGHT_GROUP_ADD_MEMBER | \ 440 SA_RIGHT_GROUP_SET_INFO ) /* 0x0002000e */ 441 442#define GENERIC_RIGHTS_GROUP_EXECUTE \ 443 (STANDARD_RIGHTS_EXECUTE_ACCESS | \ 444 SA_RIGHT_GROUP_LOOKUP_INFO) /* 0x00020001 */ 445 446 447/* Alias Object specific access rights */ 448 449#define SA_RIGHT_ALIAS_ADD_MEMBER 0x00000001 450#define SA_RIGHT_ALIAS_REMOVE_MEMBER 0x00000002 451#define SA_RIGHT_ALIAS_GET_MEMBERS 0x00000004 452#define SA_RIGHT_ALIAS_LOOKUP_INFO 0x00000008 453#define SA_RIGHT_ALIAS_SET_INFO 0x00000010 454 455#define SA_RIGHT_ALIAS_ALL_ACCESS 0x0000001F 456 457#define GENERIC_RIGHTS_ALIAS_ALL_ACCESS \ 458 (STANDARD_RIGHTS_REQUIRED_ACCESS| \ 459 SA_RIGHT_ALIAS_ALL_ACCESS) /* 0x000f001f */ 460 461#define GENERIC_RIGHTS_ALIAS_READ \ 462 (STANDARD_RIGHTS_READ_ACCESS | \ 463 SA_RIGHT_ALIAS_GET_MEMBERS ) /* 0x00020004 */ 464 465#define GENERIC_RIGHTS_ALIAS_WRITE \ 466 (STANDARD_RIGHTS_WRITE_ACCESS | \ 467 SA_RIGHT_ALIAS_REMOVE_MEMBER | \ 468 SA_RIGHT_ALIAS_ADD_MEMBER | \ 469 SA_RIGHT_ALIAS_SET_INFO ) /* 0x00020013 */ 470 471#define GENERIC_RIGHTS_ALIAS_EXECUTE \ 472 (STANDARD_RIGHTS_EXECUTE_ACCESS | \ 473 SA_RIGHT_ALIAS_LOOKUP_INFO ) /* 0x00020008 */ 474 475#endif /* _RPC_SECDES_H */ 476