win32-security 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGES +2 -0
- data/MANIFEST +9 -0
- data/README +35 -0
- data/Rakefile +37 -0
- data/lib/win32/security.rb +66 -0
- data/test/test_security.rb +22 -0
- data/test/test_sid.rb +119 -0
- data/win32-security.gemspec +32 -0
- metadata +95 -0
data/CHANGES
ADDED
data/MANIFEST
ADDED
data/README
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
= Description
|
2
|
+
A security library for MS Windows that allows you to open existing or
|
3
|
+
create new security identifiers (SID's).
|
4
|
+
|
5
|
+
= Synopsis
|
6
|
+
require 'win32/security'
|
7
|
+
include Win32
|
8
|
+
|
9
|
+
sid = Security::SID.open('djberge')
|
10
|
+
|
11
|
+
sid.valid? # => true
|
12
|
+
sid.to_s # => "S-1-5-21-3733855671-1102023144-2002619019-1000"
|
13
|
+
sid.length # => 28
|
14
|
+
sid.sid # => "\001\005\000\000\000\000\000\005\025\000\000\000..."
|
15
|
+
|
16
|
+
== Future Plans
|
17
|
+
Create classes that encapsulate ACL's, ACE's, Token's, etc.
|
18
|
+
|
19
|
+
There are some unfinished versions of the ACL and ACE classes in CVS
|
20
|
+
if you're interested in taking a look.
|
21
|
+
|
22
|
+
== Known Issues
|
23
|
+
None that I'm aware of. Please file any bug reports on the project page
|
24
|
+
at http://www.rubyforge.org/projects/win32utils.
|
25
|
+
|
26
|
+
== License
|
27
|
+
Ruby's
|
28
|
+
|
29
|
+
== Copyright
|
30
|
+
(C) 2003-2008 Daniel J. Berger
|
31
|
+
All Rights Reserved
|
32
|
+
|
33
|
+
== Authors
|
34
|
+
Daniel J. Berger
|
35
|
+
Park Heesob
|
data/Rakefile
ADDED
@@ -0,0 +1,37 @@
|
|
1
|
+
require 'rake'
|
2
|
+
require 'rake/testtask'
|
3
|
+
require 'rbconfig'
|
4
|
+
include Config
|
5
|
+
|
6
|
+
desc 'Cleanup any temp files left over by Test::Unit'
|
7
|
+
task :clean do
|
8
|
+
Dir['*'].each{ |file|
|
9
|
+
file = File.expand_path(file)
|
10
|
+
next unless File.directory?(file)
|
11
|
+
next if file =~ /CVS/
|
12
|
+
Dir.chdir(file) do
|
13
|
+
rm_rf '.test-result' if File.exists?('.test-result')
|
14
|
+
end
|
15
|
+
}
|
16
|
+
|
17
|
+
desc 'Install the win32-security package (non-gem)'
|
18
|
+
task :install do
|
19
|
+
install_dir = File.join(CONFIG["sitelibdir"], 'win32', 'security')
|
20
|
+
mkdir_p(install_dir) unless File.exists?(install_dir)
|
21
|
+
cp 'lib/win32/security.rb', File.dirname(install_dir), :verbose => true
|
22
|
+
cp 'lib/win32/security/acl.rb', install_dir, :verbose => true
|
23
|
+
cp 'lib/win32/security/sid.rb', install_dir, :verbose => true
|
24
|
+
end
|
25
|
+
|
26
|
+
task :install_gem do
|
27
|
+
ruby 'win32-security.gemspec'
|
28
|
+
file = Dir["*.gem"].first
|
29
|
+
sh "gem install #{file}"
|
30
|
+
end
|
31
|
+
|
32
|
+
# TODO: Add more test files as more classes are added.
|
33
|
+
Rake::TestTask.new do |t|
|
34
|
+
t.verbose = true
|
35
|
+
t.warning = true
|
36
|
+
t.test_files = Dir['test/test_sid.rb', 'test/test_security.rb']
|
37
|
+
end
|
@@ -0,0 +1,66 @@
|
|
1
|
+
# This file allows users to require all security related classes from
|
2
|
+
# a single file, instead of having to require individual files.
|
3
|
+
|
4
|
+
require 'windows/process'
|
5
|
+
require 'windows/security'
|
6
|
+
require 'windows/handle'
|
7
|
+
require 'windows/error'
|
8
|
+
|
9
|
+
$LOAD_PATH.unshift(File.dirname(File.dirname(File.expand_path(__FILE__))))
|
10
|
+
|
11
|
+
# The Win32 module serves as a namespace only.
|
12
|
+
module Win32
|
13
|
+
|
14
|
+
# The Security class encapsulates security aspects of MS Windows.
|
15
|
+
class Security
|
16
|
+
|
17
|
+
# Base error class for all Win32::Security errors.
|
18
|
+
class Error < StandardError; end
|
19
|
+
|
20
|
+
include Windows::Security
|
21
|
+
|
22
|
+
extend Windows::Process
|
23
|
+
extend Windows::Security
|
24
|
+
extend Windows::Handle
|
25
|
+
extend Windows::Error
|
26
|
+
|
27
|
+
# The version of the win32-security library
|
28
|
+
VERSION = '0.1.0'
|
29
|
+
|
30
|
+
# Returns whether or not the owner of the current process is running
|
31
|
+
# with elevated security privileges.
|
32
|
+
#
|
33
|
+
def self.elevated_security?
|
34
|
+
token = 0.chr * 4
|
35
|
+
|
36
|
+
unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, token)
|
37
|
+
raise Error, get_last_error
|
38
|
+
end
|
39
|
+
|
40
|
+
begin
|
41
|
+
token = token.unpack('V')[0]
|
42
|
+
|
43
|
+
te = 0.chr * 4 # TOKEN_ELEVATION
|
44
|
+
rl = 0.chr * 4 # Return length
|
45
|
+
|
46
|
+
bool = GetTokenInformation(
|
47
|
+
token,
|
48
|
+
TokenElevation,
|
49
|
+
te,
|
50
|
+
te.size,
|
51
|
+
rl
|
52
|
+
)
|
53
|
+
|
54
|
+
raise Error, get_last_error unless bool
|
55
|
+
ensure
|
56
|
+
CloseHandle(token)
|
57
|
+
end
|
58
|
+
|
59
|
+
te.unpack('L')[0] != 0
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
require 'win32/security/sid'
|
65
|
+
#require 'win32/security/acl'
|
66
|
+
#require 'win32/security/ace'
|
@@ -0,0 +1,22 @@
|
|
1
|
+
########################################################################
|
2
|
+
# test_security.rb
|
3
|
+
#
|
4
|
+
# Test suite for the Win32::Security base class. You should run these
|
5
|
+
# tests via the 'rake test' task.
|
6
|
+
########################################################################
|
7
|
+
require 'rubygems'
|
8
|
+
gem 'test-unit'
|
9
|
+
|
10
|
+
require 'test/unit'
|
11
|
+
require 'win32/security'
|
12
|
+
|
13
|
+
class TC_Win32_Security < Test::Unit::TestCase
|
14
|
+
def test_version
|
15
|
+
assert_equal('0.1.0', Win32::Security::VERSION)
|
16
|
+
end
|
17
|
+
|
18
|
+
def test_elevated_security
|
19
|
+
assert_respond_to(Win32::Security, :elevated_security?)
|
20
|
+
assert_boolean(Win32::Security.elevated_security?)
|
21
|
+
end
|
22
|
+
end
|
data/test/test_sid.rb
ADDED
@@ -0,0 +1,119 @@
|
|
1
|
+
########################################################################
|
2
|
+
# test_sid.rb
|
3
|
+
#
|
4
|
+
# Test suite for the Win32::Security::SID class. You should run these
|
5
|
+
# tests via the 'rake test' task.
|
6
|
+
########################################################################
|
7
|
+
require 'rubygems'
|
8
|
+
gem 'test-unit'
|
9
|
+
|
10
|
+
require 'test/unit'
|
11
|
+
require 'win32/security'
|
12
|
+
require 'sys/admin'
|
13
|
+
include Win32
|
14
|
+
|
15
|
+
class TC_Win32_Security_Sid < Test::Unit::TestCase
|
16
|
+
def self.startup
|
17
|
+
@@host = Socket.gethostname
|
18
|
+
@@name = Sys::Admin.users[0].name
|
19
|
+
end
|
20
|
+
|
21
|
+
def setup
|
22
|
+
@sid = Security::SID.new(@@name)
|
23
|
+
end
|
24
|
+
|
25
|
+
def test_version
|
26
|
+
assert_equal('0.1.0', Security::SID::VERSION)
|
27
|
+
end
|
28
|
+
|
29
|
+
def test_sid
|
30
|
+
assert_respond_to(@sid, :sid)
|
31
|
+
assert_kind_of(String, @sid.sid)
|
32
|
+
end
|
33
|
+
|
34
|
+
def test_account
|
35
|
+
assert_respond_to(@sid, :account)
|
36
|
+
assert_kind_of(String, @sid.account)
|
37
|
+
end
|
38
|
+
|
39
|
+
def test_account_type
|
40
|
+
assert_respond_to(@sid, :account_type)
|
41
|
+
assert_kind_of(String, @sid.account_type)
|
42
|
+
end
|
43
|
+
|
44
|
+
def test_domain
|
45
|
+
assert_respond_to(@sid, :domain)
|
46
|
+
assert_kind_of(String, @sid.domain)
|
47
|
+
end
|
48
|
+
|
49
|
+
def test_host
|
50
|
+
assert_respond_to(@sid, :host)
|
51
|
+
assert_kind_of(String, @sid.host)
|
52
|
+
end
|
53
|
+
|
54
|
+
def test_sid_to_string
|
55
|
+
assert_respond_to(Security::SID, :sid_to_string)
|
56
|
+
assert_kind_of(String, Security::SID.sid_to_string(@sid.sid))
|
57
|
+
assert_not_nil(Security::SID.sid_to_string(@sid.sid) =~ /\w+\-\w+/)
|
58
|
+
end
|
59
|
+
|
60
|
+
def test_string_to_sid
|
61
|
+
assert_respond_to(Security::SID, :string_to_sid)
|
62
|
+
assert_kind_of(String, Security::SID.string_to_sid(@sid.to_s))
|
63
|
+
end
|
64
|
+
|
65
|
+
def test_to_s
|
66
|
+
assert_respond_to(@sid, :to_s)
|
67
|
+
assert_kind_of(String, @sid.to_s)
|
68
|
+
assert_equal(true, @sid.to_s.include?('-'))
|
69
|
+
end
|
70
|
+
|
71
|
+
def test_to_str_alias
|
72
|
+
assert_respond_to(@sid, :to_str)
|
73
|
+
assert_equal(true, @sid.method(:to_s) == @sid.method(:to_str))
|
74
|
+
end
|
75
|
+
|
76
|
+
def test_equal
|
77
|
+
assert_respond_to(@sid, :==)
|
78
|
+
assert_equal(true, @sid == @sid)
|
79
|
+
end
|
80
|
+
|
81
|
+
def test_valid
|
82
|
+
assert_respond_to(@sid, :valid?)
|
83
|
+
assert_equal(true, @sid.valid?)
|
84
|
+
end
|
85
|
+
|
86
|
+
def test_length
|
87
|
+
assert_respond_to(@sid, :length)
|
88
|
+
assert_equal(true, @sid.length > 0)
|
89
|
+
end
|
90
|
+
|
91
|
+
def test_create
|
92
|
+
assert_respond_to(Security::SID, :create)
|
93
|
+
assert_nothing_raised{
|
94
|
+
Security::SID.create(
|
95
|
+
Security::SID::SECURITY_WORLD_SID_AUTHORITY,
|
96
|
+
Security::SID::SECURITY_WORLD_RID
|
97
|
+
)
|
98
|
+
}
|
99
|
+
end
|
100
|
+
|
101
|
+
def test_new_with_host
|
102
|
+
assert_nothing_raised{ Security::SID.new(@@name, @@host) }
|
103
|
+
end
|
104
|
+
|
105
|
+
def test_new_expected_errors
|
106
|
+
assert_raise(ArgumentError){ Security::SID.new }
|
107
|
+
assert_raise(ArgumentError){ Security::SID.new(@@name, @@host, @@host) }
|
108
|
+
assert_raise(Security::SID::Error){ Security::SID.new('bogus') }
|
109
|
+
end
|
110
|
+
|
111
|
+
def teardown
|
112
|
+
@sid = nil
|
113
|
+
end
|
114
|
+
|
115
|
+
def self.shutdown
|
116
|
+
@@host = nil
|
117
|
+
@@name = nil
|
118
|
+
end
|
119
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
require "rubygems"
|
2
|
+
|
3
|
+
spec = Gem::Specification.new do |gem|
|
4
|
+
gem.name = "win32-security"
|
5
|
+
gem.version = "0.1.0"
|
6
|
+
gem.authors = ["Daniel J. Berger", "Park Heesob"]
|
7
|
+
gem.email = "djberg96@gmail.com"
|
8
|
+
gem.homepage = "http://www.rubyforge.org/projects/win32utils"
|
9
|
+
gem.platform = Gem::Platform::RUBY
|
10
|
+
gem.summary = "A library for dealing with aspects of Windows security."
|
11
|
+
gem.test_files = Dir["test/*.rb"]
|
12
|
+
gem.has_rdoc = true
|
13
|
+
gem.files = Dir["lib/win32/*.rb"] + Dir["test/*"] + Dir["[A-Z]*"]
|
14
|
+
gem.files.reject! { |fn| fn.include? "CVS" }
|
15
|
+
gem.extra_rdoc_files = ["README", "CHANGES", "MANIFEST"]
|
16
|
+
gem.rubyforge_project = 'Win32Utils'
|
17
|
+
|
18
|
+
gem.add_dependency("windows-pr", ">= 0.9.8")
|
19
|
+
gem.add_dependency("test-unit", ">= 2.0.1")
|
20
|
+
gem.add_dependency("sys-admin", ">= 1.4.4")
|
21
|
+
|
22
|
+
description = "The win32-security library provides an interface for dealing"
|
23
|
+
description << " with security aspects of MS Windows. It includes classes"
|
24
|
+
description << " for SID's, ACL's and ACE's."
|
25
|
+
|
26
|
+
gem.description = description
|
27
|
+
end
|
28
|
+
|
29
|
+
if $0 == __FILE__
|
30
|
+
Gem.manage_gems if Gem::RubyGemsVersion.to_f < 1.0
|
31
|
+
Gem::Builder.new(spec).build
|
32
|
+
end
|
metadata
ADDED
@@ -0,0 +1,95 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: win32-security
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Daniel J. Berger
|
8
|
+
- Park Heesob
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
|
13
|
+
date: 2008-12-17 00:00:00 -07:00
|
14
|
+
default_executable:
|
15
|
+
dependencies:
|
16
|
+
- !ruby/object:Gem::Dependency
|
17
|
+
name: windows-pr
|
18
|
+
type: :runtime
|
19
|
+
version_requirement:
|
20
|
+
version_requirements: !ruby/object:Gem::Requirement
|
21
|
+
requirements:
|
22
|
+
- - ">="
|
23
|
+
- !ruby/object:Gem::Version
|
24
|
+
version: 0.9.8
|
25
|
+
version:
|
26
|
+
- !ruby/object:Gem::Dependency
|
27
|
+
name: test-unit
|
28
|
+
type: :runtime
|
29
|
+
version_requirement:
|
30
|
+
version_requirements: !ruby/object:Gem::Requirement
|
31
|
+
requirements:
|
32
|
+
- - ">="
|
33
|
+
- !ruby/object:Gem::Version
|
34
|
+
version: 2.0.1
|
35
|
+
version:
|
36
|
+
- !ruby/object:Gem::Dependency
|
37
|
+
name: sys-admin
|
38
|
+
type: :runtime
|
39
|
+
version_requirement:
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
41
|
+
requirements:
|
42
|
+
- - ">="
|
43
|
+
- !ruby/object:Gem::Version
|
44
|
+
version: 1.4.4
|
45
|
+
version:
|
46
|
+
description: The win32-security library provides an interface for dealing with security aspects of MS Windows. It includes classes for SID's, ACL's and ACE's.
|
47
|
+
email: djberg96@gmail.com
|
48
|
+
executables: []
|
49
|
+
|
50
|
+
extensions: []
|
51
|
+
|
52
|
+
extra_rdoc_files:
|
53
|
+
- README
|
54
|
+
- CHANGES
|
55
|
+
- MANIFEST
|
56
|
+
files:
|
57
|
+
- lib/win32/security.rb
|
58
|
+
- test/test_security.rb
|
59
|
+
- test/test_sid.rb
|
60
|
+
- CHANGES
|
61
|
+
- lib
|
62
|
+
- MANIFEST
|
63
|
+
- Rakefile
|
64
|
+
- README
|
65
|
+
- test
|
66
|
+
- win32-security.gemspec
|
67
|
+
has_rdoc: true
|
68
|
+
homepage: http://www.rubyforge.org/projects/win32utils
|
69
|
+
post_install_message:
|
70
|
+
rdoc_options: []
|
71
|
+
|
72
|
+
require_paths:
|
73
|
+
- lib
|
74
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
75
|
+
requirements:
|
76
|
+
- - ">="
|
77
|
+
- !ruby/object:Gem::Version
|
78
|
+
version: "0"
|
79
|
+
version:
|
80
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
81
|
+
requirements:
|
82
|
+
- - ">="
|
83
|
+
- !ruby/object:Gem::Version
|
84
|
+
version: "0"
|
85
|
+
version:
|
86
|
+
requirements: []
|
87
|
+
|
88
|
+
rubyforge_project: Win32Utils
|
89
|
+
rubygems_version: 1.3.1
|
90
|
+
signing_key:
|
91
|
+
specification_version: 2
|
92
|
+
summary: A library for dealing with aspects of Windows security.
|
93
|
+
test_files:
|
94
|
+
- test/test_security.rb
|
95
|
+
- test/test_sid.rb
|