From 3ed86d53e9c84c2a4bfa4dc68d998494d783fcd1 Mon Sep 17 00:00:00 2001 From: Tony Date: Mon, 6 May 2024 17:39:19 +0800 Subject: [PATCH] Add missing standard access rights --- src/service.rs | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/src/service.rs b/src/service.rs index ab9eb79..5a73fd2 100644 --- a/src/service.rs +++ b/src/service.rs @@ -54,6 +54,9 @@ bitflags::bitflags! { /// Flags describing the access permissions when working with services #[derive(PartialEq, Eq, PartialOrd, Ord, Hash, Debug, Clone, Copy)] pub struct ServiceAccess: u32 { + /// Full access to the service object + const ALL_ACCESS = Services::SERVICE_ALL_ACCESS; + /// Can query the service status const QUERY_STATUS = Services::SERVICE_QUERY_STATUS; @@ -69,9 +72,6 @@ bitflags::bitflags! { /// Can ask the service to report its status const INTERROGATE = Services::SERVICE_INTERROGATE; - /// Can delete the service - const DELETE = FileSystem::DELETE; - /// Can query the services configuration const QUERY_CONFIG = Services::SERVICE_QUERY_CONFIG; @@ -81,8 +81,17 @@ bitflags::bitflags! { /// Can use user-defined control codes const USER_DEFINED_CONTROL = Services::SERVICE_USER_DEFINED_CONTROL; - /// Full access to the service object - const ALL_ACCESS = Services::SERVICE_ALL_ACCESS; + /// Can delete the service + const DELETE = FileSystem::DELETE; + + /// Required to call the `QueryServiceObjectSecurity` function to query the security descriptor of the service object + const READ_CONTROL = FileSystem::READ_CONTROL; + + /// Required to call the `SetServiceObjectSecurity` function to modify the Dacl member of the service object's security descriptor + const WRITE_DAC = FileSystem::WRITE_DAC; + + /// Required to call the `SetServiceObjectSecurity` function to modify the Owner and Group members of the service object's security descriptor + const WRITE_OWNER = FileSystem::WRITE_OWNER; } }