JEDI Windows Security Code Library - Paules-PC-Forum.de

28.11.2007, 23:11

This is the first release of the
new JEDI Windows API (JWA)
and JEDI Windows Security Code Library (JWSCL).
--> Website

JWA is known as the JEDI Windows API header conversions. JWA can be
compiled into one jwaWindows unit. There is no more need to add hundred
of different units into the uses statement. However single units can
also be used!

JWSCL is a collection of classes to make programming in Windows Security
a big step easier. It uses JWA excessively.
JWSCL makes the following things easier:
*detect Windows version
*Token
**Impersonation
**User login
*SID
*Access Control List
*Security Descriptor
**Owner, Group, DACL, SACL
*WindowStation
*Desktop
*LSA
*Rights mapping
*Secured object e.g. files, registry (+inheritance), and generic window
handles
*Credentials (Login Dialog)
*Encryption (MS Crypt API)
*Known SIDs
*Privileges
*Security Dialogs (security tab sheet, like in windows explorer file
security dialog)
*Terminal Sessions
*Unicode + Ansicode
*Vista Elevation
*Vista Integrity Level

Download (JWSCL download contains JWA already):
http://sourceforge.net/project/showf...roup_id=121894
(JWA and JWSCL downloads are an image of the Subversion repository)
Subversion: https://jedi-apilib.svn.sourceforge....ot/jedi-apilib

As a simple demonstration:
This code shows how to get the maximum possible rights to access a file.

Code:

program ReadFileSecurity;

{$APPTYPE CONSOLE}

uses
  SysUtils,
  Dialogs,
  Controls,
  JwaWindows,
  JwsclTypes,
  JwsclExceptions,
  JwsclConstants,
  JwsclMapping,
  JwsclVersion,
  JwsclProcess,
  JwsclSid,
  JwsclAcl,
  JwsclCredentials,
  JwsclDescriptor,
  JwsclToken,
  JwsclKnownSid,
  JwsclAccounts,
  JwsclSecureObjects,
  JwsclStrings;

function CheckAccessToFile(
  DesiredAccess: DWORD; const FileName: WideString): Boolean;
var FileObject : TJwSecureFileObject;
begin
  FileObject := TJwSecureFileObject.Create(FileName);
  try
    result := FileObject.AccessCheck(DesiredAccess);
  finally
    FileObject.Free;
  end;
end;

function CheckMaximumAccessToFile(const FileName: WideString): DWORD;
var FileObject : TJwSecureFileObject;
    PrivilegeSet: TJwPrivilegeSet;
    AccessStatus: boolean;
begin
  FileObject := TJwSecureFileObject.Create(FileName);
  try
    FileObject.AccessCheck(
      MAXIMUM_ALLOWED,//DesiredAccess: TJwAccessMask;
      PrivilegeSet,//out PrivilegeSet: TJwPrivilegeSet;
      result,//out GrantedAccess: TJwAccessMask;
      AccessStatus,//out AccessStatus: boolean;
      nil//const ClientToken: TJwSecurityToken = nil);
      );
  finally
    PrivilegeSet.Free;
    FileObject.Free;
  end;
end;

var AccessMask : DWORD;
    FileName : String;
begin
  FileName := ParamStr(1);
  if Length(FileName) = 0 then
    FileName := ParamStr(0);

  writeln('Check access for '+FileName);
  try
    if CheckAccessToFile(FILE_ALL_ACCESS,FileName) then
      writeln('Full control allowed')
    else
      writeln('Full control denied');
  except
    On E : Exception do
     Writeln(E.Message);
  end;

  try
    AccessMask := CheckMaximumAccessToFile(FileName);
    writeln('Maximum access possible:
['+TJwSecurityFileMapping.MapAccessMaskToString(AccessMask)+']');
  except
    On E : Exception do
     Writeln(E.Message);
  end;

  Writeln('[Hit return]');
  readln;
end.

Consider how much lines you would had to write without the classes.

The following mailing lists are opened.
You can find more details and how to subscribe on them

JWSCL general
https://lists.sourceforge.net/lists/...di-apilib-wscl

JWSCL SVN commit
https://lists.sourceforge.net/lists/...pilib-wscl-svn

JWA general
https://lists.sourceforge.net/lists/...lib-developers

JWA SVN commit
https://lists.sourceforge.net/lists/...edi-apilib-svn

P.S.
You can simply update your downloaded source by using Subversion on your local copy.

See also
http://blog.assarbad.net/20071114/good-job-chris/
http://www.remkoweijnen.nl/blog/2007...-code-library/

Direct E-Mail (english, Deutsch)
DelphiSecurityLibrary(@t)teamchris(dot)info

28.11.2007, 23:11	#1 (Direktlink)
Dezipaitor Gast Beiträge: n/a	JEDI Windows Security Code Library This is the first release of the new JEDI Windows API (JWA) and JEDI Windows Security Code Library (JWSCL). --> Website JWA is known as the JEDI Windows API header conversions. JWA can be compiled into one jwaWindows unit. There is no more need to add hundred of different units into the uses statement. However single units can also be used! JWSCL is a collection of classes to make programming in Windows Security a big step easier. It uses JWA excessively. JWSCL makes the following things easier: detect Windows version Token Impersonation User login SID Access Control List Security Descriptor Owner, Group, DACL, SACL WindowStation Desktop LSA Rights mapping Secured object e.g. files, registry (+inheritance), and generic window handles Credentials (Login Dialog) Encryption (MS Crypt API) Known SIDs Privileges Security Dialogs (security tab sheet, like in windows explorer file security dialog) Terminal Sessions Unicode + Ansicode Vista Elevation *Vista Integrity Level Download (JWSCL download contains JWA already): http://sourceforge.net/project/showf...roup_id=121894 (JWA and JWSCL downloads are an image of the Subversion repository) Subversion: https://jedi-apilib.svn.sourceforge....ot/jedi-apilib As a simple demonstration: This code shows how to get the maximum possible rights to access a file. Code: program ReadFileSecurity; {$APPTYPE CONSOLE} uses SysUtils, Dialogs, Controls, JwaWindows, JwsclTypes, JwsclExceptions, JwsclConstants, JwsclMapping, JwsclVersion, JwsclProcess, JwsclSid, JwsclAcl, JwsclCredentials, JwsclDescriptor, JwsclToken, JwsclKnownSid, JwsclAccounts, JwsclSecureObjects, JwsclStrings; function CheckAccessToFile( DesiredAccess: DWORD; const FileName: WideString): Boolean; var FileObject : TJwSecureFileObject; begin FileObject := TJwSecureFileObject.Create(FileName); try result := FileObject.AccessCheck(DesiredAccess); finally FileObject.Free; end; end; function CheckMaximumAccessToFile(const FileName: WideString): DWORD; var FileObject : TJwSecureFileObject; PrivilegeSet: TJwPrivilegeSet; AccessStatus: boolean; begin FileObject := TJwSecureFileObject.Create(FileName); try FileObject.AccessCheck( MAXIMUM_ALLOWED,//DesiredAccess: TJwAccessMask; PrivilegeSet,//out PrivilegeSet: TJwPrivilegeSet; result,//out GrantedAccess: TJwAccessMask; AccessStatus,//out AccessStatus: boolean; nil//const ClientToken: TJwSecurityToken = nil); ); finally PrivilegeSet.Free; FileObject.Free; end; end; var AccessMask : DWORD; FileName : String; begin FileName := ParamStr(1); if Length(FileName) = 0 then FileName := ParamStr(0); writeln('Check access for '+FileName); try if CheckAccessToFile(FILE_ALL_ACCESS,FileName) then writeln('Full control allowed') else writeln('Full control denied'); except On E : Exception do Writeln(E.Message); end; try AccessMask := CheckMaximumAccessToFile(FileName); writeln('Maximum access possible: ['+TJwSecurityFileMapping.MapAccessMaskToString(AccessMask)+']'); except On E : Exception do Writeln(E.Message); end; Writeln('[Hit return]'); readln; end. Consider how much lines you would had to write without the classes. The following mailing lists are opened. You can find more details and how to subscribe on them JWSCL general https://lists.sourceforge.net/lists/...di-apilib-wscl JWSCL SVN commit https://lists.sourceforge.net/lists/...pilib-wscl-svn JWA general https://lists.sourceforge.net/lists/...lib-developers JWA SVN commit https://lists.sourceforge.net/lists/...edi-apilib-svn P.S. You can simply update your downloaded source by using Subversion on your local copy. See also http://blog.assarbad.net/20071114/good-job-chris/ http://www.remkoweijnen.nl/blog/2007...-code-library/ Direct E-Mail (english, Deutsch) DelphiSecurityLibrary(@t)teamchris(dot)info

Themen-Optionen
Druckbare Version zeigen Jemanden per E-Mail auf dieses Thema hinweisen
Ansicht
Linear-Darstellung Zur Hybrid-Darstellung wechseln Zur Baum-Darstellung wechseln