Security Reference Monitor Routines

This section contains references, in alphabetical order, for the subset of system-supplied SeXxx support routines that can be used by kernel-mode file systems and file system filter drivers but not by device drivers.

In addition to the routines documented here, file systems and file system filter drivers can also call any of the SeXxx routines described in the Kernel-Mode Driver Architecture Reference section that are declared in Ntifs.h.

In this section

TopicDescription

SeAppendPrivileges

The SeAppendPrivileges routine appends additional privileges to the privilege set in an access state structure.

SeAuditHardLinkCreation

Reserved for system use.

SeAuditingFileEvents

The SeAuditingFileEvents routine determines whether file open events are currently being audited.

SeAuditingFileOrGlobalEvents

The SeAuditingFileOrGlobalEvents routine determines whether file or global events are currently being audited.

SeAuditingHardLinkEvents

Reserved for system use.

SeCaptureSubjectContext

The SeCaptureSubjectContext routine captures the security context of the calling thread for access validation and auditing.

SeCreateClientSecurity

The SeCreateClientSecurity routine initializes a security client context structure with the information needed to call SeImpersonateClientEx.

SeCreateClientSecurityFromSubjectContext

The SeCreateClientSecurityFromSubjectContext routine retrieves the access token for a security subject context and uses the result to initialize a security client context with the information needed to call SeImpersonateClientEx.

SeDeleteClientSecurity

The SeDeleteClientSecurity routine deletes a client security context.

SeDeleteObjectAuditAlarm

The SeDeleteObjectAuditAlarm routine generates audit and alarm messages for an object that is marked for deletion.

SeFilterToken

The SeFilterToken routine creates a new access token that is a restricted version of an existing access token.

SeImpersonateClient

Obsolete.

SeImpersonateClientEx

The SeImpersonateClientEx routine causes a thread to impersonate a user.

SeLengthSid

Obsolete.

SeLockSubjectContext

The SeLockSubjectContext routine locks the primary and impersonation tokens of a captured subject context.

SeMarkLogonSessionForTerminationNotification

The SeMarkLogonSessionForTerminationNotification routine marks a logon session so that the caller's registered callback routine is called when the logon session terminates. A logon session terminates when the last token referencing the logon session is deleted.

SeOpenObjectAuditAlarm

The SeOpenObjectAuditAlarm routine generates audit and alarm messages when an attempt is made to open an object.

SeOpenObjectForDeleteAuditAlarm

The SeOpenObjectForDeleteAuditAlarm routine generates audit and alarm messages when an attempt is made to open an object for deletion.

SePrivilegeCheck

The SePrivilegeCheck routine determines whether a specified set of privileges is enabled in the subject's access token.

SeQueryAuthenticationIdToken

The SeQueryAuthenticationIdToken routine retrieves the authentication ID of an access token.

SeQueryInformationToken

The SeQueryInformationToken routine retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.

SeQuerySecurityDescriptorInfo

The SeQuerySecurityDescriptorInfo routine retrieves a copy of an object's security descriptor.

SeQuerySessionIdToken

Reserved for system use.

SeQuerySubjectContextToken

The SeQuerySubjectContextToken macro retrieves the access token for a security subject context.

SeRegisterLogonSessionTerminatedRoutine

The SeRegisterLogonSessionTerminatedRoutine routine registers a callback routine to be called when a logon session terminates. A logon session terminates when the last token referencing the logon session is deleted.

SeReleaseSubjectContext

The SeReleaseSubjectContext routine releases a subject security context captured by an earlier call to SeCaptureSubjectContext.

SeSetAccessStateGenericMapping

The SeSetAccessStateGenericMapping routine sets the generic mapping field of an ACCESS_STATE structure.

SeSetSecurityDescriptorInfo

The SeSetSecurityDescriptorInfo routine sets an object's security descriptor.

SeSetSecurityDescriptorInfoEx

The SeSetSecurityDescriptorInfoEx routine modifies an object's security descriptor and specifies whether the object supports automatic inheritance of access control entries (ACE).

SeSetSessionIdToken

Reserved for system use.

SeStopImpersonatingClient

The SeStopImpersonatingClient routine ends the calling thread's impersonation of a user.

SeTokenIsAdmin

The SeTokenIsAdmin routine determines whether a token contains the local administrators group.

SeTokenIsRestricted

The SeTokenIsRestricted routine determines whether a token contains a list of restricting security identifiers (SID).

SeTokenType

Reserved for system use.

SeUnlockSubjectContext

The SeUnlockSubjectContext routine unlocks the tokens of a captured subject context that were locked by a call to SeLockSubjectContext.

SeUnregisterLogonSessionTerminatedRoutine

The SeUnregisterLogonSessionTerminatedRoutine routine unregisters a callback routine that was registered by an earlier call to SeRegisterLogonSessionTerminatedRoutine.

 

Related topics

Installable file systems driver design guide

 

 

Send comments about this topic to Microsoft

Show: