2.2.46 SERVICE_SID_INFO
The SERVICE_SID_INFO structure<16> defines the type of service security identifier (SID) associated with a service.
-
typedef struct _SERVICE_SID_INFO { DWORD dwServiceSidType; } SERVICE_SID_INFO, *LPSERVICE_SID_INFO;
dwServiceSidType: The type of service SID. This MUST be one of the following values.
-
Value
Meaning
SERVICE_SID_TYPE_NONE
0x00000000
No service SID.
SERVICE_SID_TYPE_RESTRICTED
0x00000003
This type includes SERVICE_SID_TYPE_UNRESTRICTED. The service SID is also added to the restricted SID list of the process token. Three additional SIDs are added to the restricted SID list:
1. World SID S-1-1-0.
2. Service logon SID.
3. One access control entry (ACE) that allows GENERIC_ALL access for the service logon SID is also added to the service process token object.
If multiple services are hosted in the same process and one service has SERVICE_SID_TYPE_RESTRICTED, all services MUST have SERVICE_SID_TYPE_RESTRICTED.
SERVICE_SID_TYPE_UNRESTRICTED
0x00000001
When the service process is created, the service SID is added to the service process token with the following attributes: SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_OWNER.