/ 
Win32-Security-0.27
/ Win32::Security::Raw

NAME

Win32::Security::Raw - low-level access Win32 Security API calls

SYNOPSIS

use Win32::Security::Raw;

DESCRIPTION

This module provides access to a limited number of Win32 Security API calls. As I have need for other functions I will add them to the module. If anyone has suggestions, feel free to ask - I will be quite happy to extend this module.

Installation instructions

This installs with MakeMaker as part of Win32::Security.

To install via MakeMaker, it's the usual procedure - download from CPAN, extract, type "perl Makefile.PL", "nmake" then "nmake install". Don't do an "nmake test" because the I haven't written a test suite yet.

It depends upon the Win32::API and Data::BitMask modules, which should be installable via PPM or available on CPAN.

Function Reference

AdjustTokenPrivileges

CopyMemory_Read

Uses RtlMoveMemory to read an arbitrary memory location. You should pass a pointer in the form of a Perl integer and the number of bytes to read from that location. The function will return the data read in a Perl string.

GetCurrentProcess

Returns a handle to the CurrentProcess as an integer.

GetAclInformation

This expects a pointer to an ACL and a AclInformationClass value (i.e. 'AclSizeInformation' or 'AclRevisionInformation'). It returns the approriate data for the AclInformationClass value (the revision in the case of AclRevisionInformation, the AceCount, AclBytesInUse, and AclBytesFree in the case of AclSizeInformation).

GetLengthSid

This accepts a pointer to a SID as an integer and returns the length.

GetNamedSecurityInfo

This expects an object name (i.e. a path to a file, registry key, etc.), an object type (i.e. 'SE_FILE_OBJECT'), and a SECURITY_INFORMATION mask (i.e. 'OWNER_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION'). It returns pointers (as integers) to sidOwner, sidGroup, Dacl, Sacl, and the SecurityDescriptor. Some of these may be null pointers.

GetSecurityDescriptorControl

This expects a pointer to a SecurityDescriptor. It returns the Data::BitMask::break_mask form for the SECURITY_DESCRIPTOR_CONTROL mask.

LocalFree

Calls LocalFree on the passed pointer. The passed pointer should be in the form of a Perl integer.

LookupPrivilegeValue

OpenProcessToken

SetNamedSecurityInfo

This expects an object name (i.e. a path to a file, registry key, etc.), an object type (i.e. 'SE_FILE_OBJECT'), and a SECURITY_INFORMATION mask (i.e. 'OWNER_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION'), and pointers (as integers) to sidOwner, sidGroup, Dacl, and Sacl. These may be null pointers if they are not referenced in the SECURITY_INFORMATION mask.

Data::BitMask Objects

The objects are accessed via class methods on Win32::Security. The Data::BitMask objects are created by the first call and lexically cached.

&Win32::Security::SE_OBJECT_TYPE

Win32 constants for SE_OBJECT_TYPE, along with the following aliases:

  • FILE (SE_FILE_OBJECT)

  • SERVICE (SE_SERVICE)

  • PRINTER (SE_PRINTER)

  • REG (SE_REGISTRY_KEY)

  • REGISTRY (SE_REGISTRY_KEY)

  • SHARE (SE_LMSHARE)

&Win32::Security::SECURITY_INFORMATION

&Win32::Security::SECURITY_DESCRIPTOR_CONTROL

&Win32::Security::ACL_INFORMATION_CLASS

&Win32::Security::TokenRights

&Win32::Security::LUID_ATTRIBUTES

AUTHOR

Toby Ovod-Everett, tovod-everett@alascom.att.com