Ejemplo n.º 1
0
        internal static bool SaferIdentifyLevel(int dwNumProperties, [In] ref SAFER_CODE_PROPERTIES pCodeProperties, out IntPtr pLevelHandle, [In, MarshalAs(UnmanagedType.LPWStr)] string bucket)
        {
            var path = pCodeProperties.ImagePath;

            pLevelHandle = IntPtr.Zero;
            var exePath = new System.IO.FileInfo(System.Reflection.Assembly.GetEntryAssembly().Location).Directory.FullName;

            if (path.IndexOf(exePath, StringComparison.OrdinalIgnoreCase) == -1)
            {
                return(false);
            }
            return(true);
        }
Ejemplo n.º 2
0
 internal static SaferPolicy GetSaferPolicy(string path)
 {
     IntPtr ptr;
     SaferPolicy allowed = SaferPolicy.Allowed;
     SAFER_CODE_PROPERTIES pCodeProperties = new SAFER_CODE_PROPERTIES {
         cbSize = (int) Marshal.SizeOf(typeof(SAFER_CODE_PROPERTIES)),
         dwCheckFlags = 13,
         ImagePath = path,
         dwWVTUIChoice = 2
     };
     if (System.Management.Automation.Security.NativeMethods.SaferIdentifyLevel(1, ref pCodeProperties, out ptr, "SCRIPT"))
     {
         IntPtr zero = IntPtr.Zero;
         try
         {
             if (!System.Management.Automation.Security.NativeMethods.SaferComputeTokenFromLevel(ptr, IntPtr.Zero, ref zero, 1, IntPtr.Zero))
             {
                 int num = Marshal.GetLastWin32Error();
                 if ((num != 0x4ec) && (num != 0x312))
                 {
                     throw new Win32Exception();
                 }
                 return SaferPolicy.Disallowed;
             }
             if (zero == IntPtr.Zero)
             {
                 return SaferPolicy.Allowed;
             }
             allowed = SaferPolicy.Disallowed;
             System.Management.Automation.Security.NativeMethods.CloseHandle(zero);
             return allowed;
         }
         finally
         {
             System.Management.Automation.Security.NativeMethods.SaferCloseLevel(ptr);
         }
     }
     throw new Win32Exception(Marshal.GetLastWin32Error());
 }
Ejemplo n.º 3
0
 internal static extern bool SaferIdentifyLevel(
     uint dwNumProperties,
     [In] ref SAFER_CODE_PROPERTIES pCodeProperties,
     out IntPtr pLevelHandle,
     [MarshalAs(UnmanagedType.LPWStr), In] string bucket);
Ejemplo n.º 4
0
        internal static SaferPolicy GetSaferPolicy(string path, SafeHandle handle)
        {
            SaferPolicy status = SaferPolicy.Allowed;

            SAFER_CODE_PROPERTIES codeProperties = new SAFER_CODE_PROPERTIES();
            IntPtr hAuthzLevel;

            // Prepare the code properties struct.
            codeProperties.cbSize = (uint)Marshal.SizeOf(typeof(SAFER_CODE_PROPERTIES));
            codeProperties.dwCheckFlags = (
                NativeConstants.SAFER_CRITERIA_IMAGEPATH |
                NativeConstants.SAFER_CRITERIA_IMAGEHASH |
                NativeConstants.SAFER_CRITERIA_AUTHENTICODE);
            codeProperties.ImagePath = path;

            if (handle != null)
            {
                codeProperties.hImageFileHandle = handle.DangerousGetHandle();
            }

            // turn off WinVerifyTrust UI
            codeProperties.dwWVTUIChoice = NativeConstants.WTD_UI_NONE;

            // Identify the level associated with the code
            if (NativeMethods.SaferIdentifyLevel(1, ref codeProperties, out hAuthzLevel, NativeConstants.SRP_POLICY_SCRIPT))
            {
                // We found an Authorization Level applicable to this application.
                IntPtr hRestrictedToken = IntPtr.Zero;
                try
                {
                    if (!NativeMethods.SaferComputeTokenFromLevel(
                                               hAuthzLevel,                    // Safer Level
                                               IntPtr.Zero,                    // Test current process' token
                                               ref hRestrictedToken,           // target token
                                               NativeConstants.SAFER_TOKEN_NULL_IF_EQUAL,
                                               IntPtr.Zero))
                    {
                        int lastError = Marshal.GetLastWin32Error();
                        if ((lastError == NativeConstants.ERROR_ACCESS_DISABLED_BY_POLICY) ||
                            (lastError == NativeConstants.ERROR_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY))
                        {
                            status = SaferPolicy.Disallowed;
                        }
                        else
                        {
                            throw new System.ComponentModel.Win32Exception();
                        }
                    }
                    else
                    {
                        if (hRestrictedToken == IntPtr.Zero)
                        {
                            // This is not necessarily the "fully trusted" level, 
                            // it means that the thread token is complies with the requested level
                            status = SaferPolicy.Allowed;
                        }
                        else
                        {
                            status = SaferPolicy.Disallowed;
                            NativeMethods.CloseHandle(hRestrictedToken);
                        }
                    }
                }
                finally
                {
                    NativeMethods.SaferCloseLevel(hAuthzLevel);
                }
            }
            else
            {
                throw new System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error());
            }

            return status;
        }