internal static void AddRightGrantedToAccounts(List <SecurityIdentifier> accounts, int right, bool onProcess) { SafeCloseHandle process = OpenCurrentProcessForWrite(); try { if (onProcess) { EditKernelObjectSecurity(process, accounts, null, right, true); } else { SafeCloseHandle token = GetProcessToken(process, ListenerUnsafeNativeMethods.TOKEN_QUERY | ListenerUnsafeNativeMethods.WRITE_DAC | ListenerUnsafeNativeMethods.READ_CONTROL); try { EditKernelObjectSecurity(token, accounts, null, right, true); } finally { token.Close(); } } } finally { process.Close(); } }
internal static SecurityIdentifier GetUserSidForPid(int pid) { SafeCloseHandle process = OpenProcessForQuery(pid); try { SafeCloseHandle token = GetProcessToken(process, ListenerUnsafeNativeMethods.TOKEN_QUERY); try { int length = GetTokenInformationLength(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenUser); byte[] tokenInformation = new byte[length]; fixed(byte *pTokenInformation = tokenInformation) { GetTokenInformation(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenUser, tokenInformation); ListenerUnsafeNativeMethods.TOKEN_USER * ptg = (ListenerUnsafeNativeMethods.TOKEN_USER *)pTokenInformation; ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *sids = (ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *)(&(ptg->User)); return(new SecurityIdentifier(sids->Sid)); } } finally { token.Close(); } } finally { process.Close(); } }
internal static void AddRightGrantedToAccounts(List <SecurityIdentifier> accounts, int right, bool onProcess) { SafeCloseHandle kernelObject = OpenCurrentProcessForWrite(); try { if (onProcess) { EditKernelObjectSecurity(kernelObject, accounts, null, right, true); } else { SafeCloseHandle processToken = GetProcessToken(kernelObject, 0x60008); try { EditKernelObjectSecurity(processToken, accounts, null, right, true); } finally { processToken.Close(); } } } finally { kernelObject.Close(); } }
internal static unsafe void KeepOnlyPrivilegeInProcess(string privilege) { SafeCloseHandle process = OpenCurrentProcessForWrite(); try { SafeCloseHandle processToken = GetProcessToken(process, 0x20028); try { LUID luid; if (!ListenerUnsafeNativeMethods.LookupPrivilegeValue(IntPtr.Zero, privilege, &luid)) { int error = Marshal.GetLastWin32Error(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } byte[] tokenInformation = new byte[GetTokenInformationLength(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges)]; try { fixed(byte *numRef = tokenInformation) { GetTokenInformation(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges, tokenInformation); ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *newState = (ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *)numRef; LUID_AND_ATTRIBUTES *luid_and_attributesPtr = &newState->Privileges; int index = 0; for (int i = 0; i < newState->PrivilegeCount; i++) { if (!luid_and_attributesPtr[i].Luid.Equals(luid)) { luid_and_attributesPtr[index].Attributes = PrivilegeAttribute.SE_PRIVILEGE_DISABLED | PrivilegeAttribute.SE_PRIVILEGE_REMOVED; luid_and_attributesPtr[index].Luid = luid_and_attributesPtr[i].Luid; index++; } } newState->PrivilegeCount = index; bool flag = ListenerUnsafeNativeMethods.AdjustTokenPrivileges(processToken, false, newState, tokenInformation.Length, IntPtr.Zero, IntPtr.Zero); int num5 = Marshal.GetLastWin32Error(); if (!flag || (num5 != 0)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(num5)); } } } finally { numRef = null; } } finally { processToken.Close(); } } finally { process.Close(); } }
internal static void KeepOnlyPrivilegeInProcess(string privilege) { SafeCloseHandle process = OpenCurrentProcessForWrite(); try { SafeCloseHandle token = GetProcessToken(process, ListenerUnsafeNativeMethods.TOKEN_QUERY | ListenerUnsafeNativeMethods.TOKEN_ADJUST_PRIVILEGES | ListenerUnsafeNativeMethods.READ_CONTROL); try { LUID luid; bool success = ListenerUnsafeNativeMethods.LookupPrivilegeValue(IntPtr.Zero, privilege, &luid); if (!success) { int error = Marshal.GetLastWin32Error(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } int length = GetTokenInformationLength(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges); byte[] tokenInformation = new byte[length]; fixed(byte *pTokenPrivileges = tokenInformation) { GetTokenInformation(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenPrivileges, tokenInformation); ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *pTP = (ListenerUnsafeNativeMethods.TOKEN_PRIVILEGES *)pTokenPrivileges; LUID_AND_ATTRIBUTES *pLuidAndAttributes = (LUID_AND_ATTRIBUTES *)(&(pTP->Privileges)); int privilegeCount = 0; for (int i = 0; i < pTP->PrivilegeCount; i++) { if (!pLuidAndAttributes[i].Luid.Equals(luid)) { pLuidAndAttributes[privilegeCount].Attributes = PrivilegeAttribute.SE_PRIVILEGE_REMOVED; pLuidAndAttributes[privilegeCount].Luid = pLuidAndAttributes[i].Luid; privilegeCount++; } } pTP->PrivilegeCount = privilegeCount; success = ListenerUnsafeNativeMethods.AdjustTokenPrivileges(token, false, pTP, tokenInformation.Length, IntPtr.Zero, IntPtr.Zero); int error = Marshal.GetLastWin32Error(); if (!success || error != UnsafeNativeMethods.ERROR_SUCCESS) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } } finally { token.Close(); } } finally { process.Close(); } }
private static void GetTokenInformation(SafeCloseHandle token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS tic, byte[] tokenInformation) { int num; if (!ListenerUnsafeNativeMethods.GetTokenInformation(token, tic, tokenInformation, tokenInformation.Length, out num)) { int error = Marshal.GetLastWin32Error(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } }
private static SafeCloseHandle OpenProcessForQuery(int pid) { SafeCloseHandle handle = ListenerUnsafeNativeMethods.OpenProcess(0x400, false, pid); if (handle.IsInvalid) { Exception exception = new Win32Exception(); handle.SetHandleAsInvalid(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(exception); } return(handle); }
static SafeCloseHandle OpenProcessForQuery(int pid) { #pragma warning suppress 56523 // Microsoft, Win32Exception ctor calls Marshal.GetLastWin32Error() SafeCloseHandle process = ListenerUnsafeNativeMethods.OpenProcess(ListenerUnsafeNativeMethods.PROCESS_QUERY_INFORMATION, false, pid); if (process.IsInvalid) { Exception exception = new Win32Exception(); process.SetHandleAsInvalid(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(exception); } return(process); }
internal static void AddRightGrantedToAccount(SecurityIdentifier account, int right) { SafeCloseHandle process = OpenCurrentProcessForWrite(); try { EditKernelObjectSecurity(process, null, account, right, true); } finally { process.Close(); } }
static SafeCloseHandle GetProcessToken(SafeCloseHandle process, int requiredAccess) { SafeCloseHandle processToken; bool success = ListenerUnsafeNativeMethods.OpenProcessToken(process, requiredAccess, out processToken); int error = Marshal.GetLastWin32Error(); if (!success) { System.ServiceModel.Diagnostics.Utility.CloseInvalidOutSafeHandle(processToken); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } return processToken; }
private static SafeCloseHandle OpenCurrentProcessForWrite() { int id = Process.GetCurrentProcess().Id; SafeCloseHandle handle = ListenerUnsafeNativeMethods.OpenProcess(0x60400, false, id); if (handle.IsInvalid) { Exception exception = new Win32Exception(); handle.SetHandleAsInvalid(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(exception); } return(handle); }
private static SafeCloseHandle GetProcessToken(SafeCloseHandle process, int requiredAccess) { SafeCloseHandle handle; bool flag = ListenerUnsafeNativeMethods.OpenProcessToken(process, requiredAccess, out handle); int error = Marshal.GetLastWin32Error(); if (!flag) { System.ServiceModel.Diagnostics.Utility.CloseInvalidOutSafeHandle(handle); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } return(handle); }
internal static void RemoveRightGrantedToAccount(SecurityIdentifier account, int right) { SafeCloseHandle kernelObject = OpenCurrentProcessForWrite(); try { EditKernelObjectSecurity(kernelObject, null, account, right, false); } finally { kernelObject.Close(); } }
private static int GetTokenInformationLength(SafeCloseHandle token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS tic) { int num; if (!ListenerUnsafeNativeMethods.GetTokenInformation(token, tic, null, 0, out num)) { int error = Marshal.GetLastWin32Error(); if (error != 0x7a) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } return(num); }
static SafeCloseHandle OpenCurrentProcessForWrite() { int processId = Process.GetCurrentProcess().Id; #pragma warning suppress 56523 // Microsoft, Win32Exception ctor calls Marshal.GetLastWin32Error() SafeCloseHandle process = ListenerUnsafeNativeMethods.OpenProcess(ListenerUnsafeNativeMethods.PROCESS_QUERY_INFORMATION | ListenerUnsafeNativeMethods.WRITE_DAC | ListenerUnsafeNativeMethods.READ_CONTROL, false, processId); if (process.IsInvalid) { Exception exception = new Win32Exception(); process.SetHandleAsInvalid(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(exception); } return(process); }
static int GetTokenInformationLength(SafeCloseHandle token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS tic) { int lengthNeeded; bool success = ListenerUnsafeNativeMethods.GetTokenInformation(token, tic, null, 0, out lengthNeeded); if (!success) { int error = Marshal.GetLastWin32Error(); if (error != ListenerUnsafeNativeMethods.ERROR_INSUFFICIENT_BUFFER) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } return lengthNeeded; }
static int GetTokenInformationLength(SafeCloseHandle token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS tic) { int lengthNeeded; bool success = ListenerUnsafeNativeMethods.GetTokenInformation(token, tic, null, 0, out lengthNeeded); if (!success) { int error = Marshal.GetLastWin32Error(); if (error != ListenerUnsafeNativeMethods.ERROR_INSUFFICIENT_BUFFER) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } return(lengthNeeded); }
// Do not use this method unless you understand the consequnces of lack of synchronization static void EditKernelObjectSecurity(SafeCloseHandle kernelObject, List <SecurityIdentifier> accounts, SecurityIdentifier account, int right, bool add) { // take the SECURITY_DESCRIPTOR from the kernelObject int lpnLengthNeeded; bool success = ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, ListenerUnsafeNativeMethods.DACL_SECURITY_INFORMATION, null, 0, out lpnLengthNeeded); if (!success) { int errorCode = Marshal.GetLastWin32Error(); if (errorCode != ListenerUnsafeNativeMethods.ERROR_INSUFFICIENT_BUFFER) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode)); } } byte[] pSecurityDescriptor = new byte[lpnLengthNeeded]; #pragma warning suppress 56523 // Microsoft, Win32Exception ctor calls Marshal.GetLastWin32Error() success = ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, ListenerUnsafeNativeMethods.DACL_SECURITY_INFORMATION, pSecurityDescriptor, pSecurityDescriptor.Length, out lpnLengthNeeded); if (!success) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } CommonSecurityDescriptor securityDescriptor = new CommonSecurityDescriptor(false, false, pSecurityDescriptor, 0); DiscretionaryAcl dacl = securityDescriptor.DiscretionaryAcl; // add ACEs to the SECURITY_DESCRIPTOR of the kernelObject if (account != null) { EditDacl(dacl, account, right, add); } else if (accounts != null) { foreach (SecurityIdentifier accountInList in accounts) { EditDacl(dacl, accountInList, right, add); } } lpnLengthNeeded = securityDescriptor.BinaryLength; pSecurityDescriptor = new byte[lpnLengthNeeded]; securityDescriptor.GetBinaryForm(pSecurityDescriptor, 0); // set the SECURITY_DESCRIPTOR on the kernelObject #pragma warning suppress 56523 // Microsoft, Win32Exception ctor calls Marshal.GetLastWin32Error() success = ListenerUnsafeNativeMethods.SetKernelObjectSecurity(kernelObject, ListenerUnsafeNativeMethods.DACL_SECURITY_INFORMATION, pSecurityDescriptor); if (!success) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } }
internal static unsafe SecurityIdentifier GetLogonSidForPid(int pid) { SecurityIdentifier identifier; SafeCloseHandle process = OpenProcessForQuery(pid); try { SafeCloseHandle processToken = GetProcessToken(process, 8); try { byte[] tokenInformation = new byte[GetTokenInformationLength(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenGroups)]; try { fixed(byte *numRef = tokenInformation) { GetTokenInformation(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenGroups, tokenInformation); ListenerUnsafeNativeMethods.TOKEN_GROUPS * token_groupsPtr = (ListenerUnsafeNativeMethods.TOKEN_GROUPS *)numRef; ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *sid_and_attributesPtr = (ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *) & token_groupsPtr->Groups; for (int i = 0; i < token_groupsPtr->GroupCount; i++) { if ((sid_and_attributesPtr[i].Attributes & ((ListenerUnsafeNativeMethods.SidAttribute)(-1073741824))) == ((ListenerUnsafeNativeMethods.SidAttribute)(-1073741824))) { return(new SecurityIdentifier(sid_and_attributesPtr[i].Sid)); } } } } finally { numRef = null; } identifier = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null); } finally { processToken.Close(); } } finally { process.Close(); } return(identifier); }
private static void EditKernelObjectSecurity(SafeCloseHandle kernelObject, List <SecurityIdentifier> accounts, SecurityIdentifier account, int right, bool add) { int num; if (!ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, 4, null, 0, out num)) { int error = Marshal.GetLastWin32Error(); if (error != 0x7a) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } byte[] pSecurityDescriptor = new byte[num]; if (!ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, 4, pSecurityDescriptor, pSecurityDescriptor.Length, out num)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor(false, false, pSecurityDescriptor, 0); DiscretionaryAcl discretionaryAcl = descriptor.DiscretionaryAcl; if (account != null) { EditDacl(discretionaryAcl, account, right, add); } else if (accounts != null) { foreach (SecurityIdentifier identifier in accounts) { EditDacl(discretionaryAcl, identifier, right, add); } } pSecurityDescriptor = new byte[descriptor.BinaryLength]; descriptor.GetBinaryForm(pSecurityDescriptor, 0); if (!ListenerUnsafeNativeMethods.SetKernelObjectSecurity(kernelObject, 4, pSecurityDescriptor)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } }
internal static unsafe SecurityIdentifier GetUserSidForPid(int pid) { SecurityIdentifier identifier; SafeCloseHandle process = OpenProcessForQuery(pid); try { SafeCloseHandle processToken = GetProcessToken(process, 8); try { byte[] tokenInformation = new byte[GetTokenInformationLength(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenUser)]; try { fixed(byte *numRef = tokenInformation) { GetTokenInformation(processToken, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenUser, tokenInformation); ListenerUnsafeNativeMethods.TOKEN_USER * token_userPtr = (ListenerUnsafeNativeMethods.TOKEN_USER *)numRef; ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *sid_and_attributesPtr = (ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *) & token_userPtr->User; identifier = new SecurityIdentifier(sid_and_attributesPtr->Sid); } } finally { numRef = null; } } finally { processToken.Close(); } } finally { process.Close(); } return(identifier); }
internal static SecurityIdentifier GetLogonSidForPid(int pid) { SafeCloseHandle process = OpenProcessForQuery(pid); try { SafeCloseHandle token = GetProcessToken(process, ListenerUnsafeNativeMethods.TOKEN_QUERY); try { int length = GetTokenInformationLength(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenGroups); byte[] tokenInformation = new byte[length]; fixed(byte *pTokenInformation = tokenInformation) { GetTokenInformation(token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS.TokenGroups, tokenInformation); ListenerUnsafeNativeMethods.TOKEN_GROUPS * ptg = (ListenerUnsafeNativeMethods.TOKEN_GROUPS *)pTokenInformation; ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *sids = (ListenerUnsafeNativeMethods.SID_AND_ATTRIBUTES *)(&(ptg->Groups)); for (int i = 0; i < ptg->GroupCount; i++) { if ((sids[i].Attributes & ListenerUnsafeNativeMethods.SidAttribute.SE_GROUP_LOGON_ID) == ListenerUnsafeNativeMethods.SidAttribute.SE_GROUP_LOGON_ID) { return(new SecurityIdentifier(sids[i].Sid)); } } } return(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null)); } finally { token.Close(); } } finally { process.Close(); } }
private static void EditKernelObjectSecurity(SafeCloseHandle kernelObject, List<SecurityIdentifier> accounts, SecurityIdentifier account, int right, bool add) { int num; if (!ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, 4, null, 0, out num)) { int error = Marshal.GetLastWin32Error(); if (error != 0x7a) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } byte[] pSecurityDescriptor = new byte[num]; if (!ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, 4, pSecurityDescriptor, pSecurityDescriptor.Length, out num)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor(false, false, pSecurityDescriptor, 0); DiscretionaryAcl discretionaryAcl = descriptor.DiscretionaryAcl; if (account != null) { EditDacl(discretionaryAcl, account, right, add); } else if (accounts != null) { foreach (SecurityIdentifier identifier in accounts) { EditDacl(discretionaryAcl, identifier, right, add); } } pSecurityDescriptor = new byte[descriptor.BinaryLength]; descriptor.GetBinaryForm(pSecurityDescriptor, 0); if (!ListenerUnsafeNativeMethods.SetKernelObjectSecurity(kernelObject, 4, pSecurityDescriptor)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } }
internal static extern bool DuplicateHandle( IntPtr hSourceProcessHandle, PipeHandle hSourceHandle, SafeCloseHandle hTargetProcessHandle, out IntPtr lpTargetHandle, int dwDesiredAccess, bool bInheritHandle, int dwOptions );
internal static extern bool OpenProcessToken(SafeCloseHandle processHandle, int desiredAccess, out SafeCloseHandle tokenHandle);
internal static extern bool GetTokenInformation(SafeCloseHandle tokenHandle, TOKEN_INFORMATION_CLASS tokenInformationClass, [Out] byte[] pTokenInformation, int tokenInformationLength, out int returnLength);
internal static extern bool GetKernelObjectSecurity(SafeCloseHandle handle, int securityInformation, [Out] byte[] pSecurityDescriptor, int nLength, out int lpnLengthNeeded);
internal static unsafe extern bool AdjustTokenPrivileges(SafeCloseHandle tokenHandle, bool disableAllPrivileges, TOKEN_PRIVILEGES *newState, int bufferLength, IntPtr previousState, IntPtr returnLength);
internal static extern bool SetKernelObjectSecurity(SafeCloseHandle handle, int securityInformation, [In] byte[] pSecurityDescriptor);
internal static unsafe extern bool AdjustTokenPrivileges(SafeCloseHandle tokenHandle, bool disableAllPrivileges, TOKEN_PRIVILEGES* newState, int bufferLength, IntPtr previousState, IntPtr returnLength);
internal static int GetSessionId(SafeCloseHandle tokenHandle) { uint sessionId; uint returnLength; if (!UnsafeNativeMethods.GetTokenInformation( tokenHandle, TOKEN_INFORMATION_CLASS.TokenSessionId, out sessionId, sizeof(uint), out returnLength)) { int errorCode = Marshal.GetLastWin32Error(); throw FxTrace.Exception.AsError(new Win32Exception(errorCode)); } return (int)sessionId; }
internal static unsafe SecurityIdentifier GetAppContainerSid(SafeCloseHandle tokenHandle) { // Get length of buffer needed for sid. uint returnLength = UnsafeNativeMethods.GetTokenInformationLength( tokenHandle, TOKEN_INFORMATION_CLASS.TokenAppContainerSid); byte[] tokenInformation = new byte[returnLength]; fixed (byte* pTokenInformation = tokenInformation) { if (!UnsafeNativeMethods.GetTokenInformation( tokenHandle, TOKEN_INFORMATION_CLASS.TokenAppContainerSid, tokenInformation, returnLength, out returnLength)) { int errorCode = Marshal.GetLastWin32Error(); throw FxTrace.Exception.AsError(new Win32Exception(errorCode)); } TokenAppContainerInfo* ptg = (TokenAppContainerInfo*)pTokenInformation; return new SecurityIdentifier(ptg->psid); } }
internal static extern bool OpenProcessToken ( IntPtr ProcessHandle, TokenAccessLevels DesiredAccess, out SafeCloseHandle TokenHandle );
static extern bool GetTokenInformation ( SafeCloseHandle tokenHandle, TOKEN_INFORMATION_CLASS tokenInformationClass, out uint tokenInformation, uint tokenInformationLength, out uint returnLength );
static uint GetTokenInformationLength(SafeCloseHandle token, TOKEN_INFORMATION_CLASS tokenInformationClass) { uint lengthNeeded; bool success; if (!(success = GetTokenInformation( token, tokenInformationClass, null, 0, out lengthNeeded))) { int error = Marshal.GetLastWin32Error(); if (error != UnsafeNativeMethods.ERROR_INSUFFICIENT_BUFFER) { throw FxTrace.Exception.AsError(new Win32Exception(error)); } } Fx.Assert(!success, "Retreving the length should always fail."); return lengthNeeded; }
private static int GetTokenInformationLength(SafeCloseHandle token, ListenerUnsafeNativeMethods.TOKEN_INFORMATION_CLASS tic) { int num; if (!ListenerUnsafeNativeMethods.GetTokenInformation(token, tic, null, 0, out num)) { int error = Marshal.GetLastWin32Error(); if (error != 0x7a) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(error)); } } return num; }
internal static bool RunningInAppContainer(SafeCloseHandle tokenHandle) { uint runningInAppContainer; uint returnLength; if (!UnsafeNativeMethods.GetTokenInformation( tokenHandle, TOKEN_INFORMATION_CLASS.TokenIsAppContainer, out runningInAppContainer, sizeof(uint), out returnLength)) { int errorCode = Marshal.GetLastWin32Error(); throw FxTrace.Exception.AsError(new Win32Exception(errorCode)); } return runningInAppContainer == 1; }
// Do not use this method unless you understand the consequnces of lack of synchronization static void EditKernelObjectSecurity(SafeCloseHandle kernelObject, List<SecurityIdentifier> accounts, SecurityIdentifier account, int right, bool add) { // take the SECURITY_DESCRIPTOR from the kernelObject int lpnLengthNeeded; bool success = ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, ListenerUnsafeNativeMethods.DACL_SECURITY_INFORMATION, null, 0, out lpnLengthNeeded); if (!success) { int errorCode = Marshal.GetLastWin32Error(); if (errorCode != ListenerUnsafeNativeMethods.ERROR_INSUFFICIENT_BUFFER) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception(errorCode)); } } byte[] pSecurityDescriptor = new byte[lpnLengthNeeded]; #pragma warning suppress 56523 // Microsoft, Win32Exception ctor calls Marshal.GetLastWin32Error() success = ListenerUnsafeNativeMethods.GetKernelObjectSecurity(kernelObject, ListenerUnsafeNativeMethods.DACL_SECURITY_INFORMATION, pSecurityDescriptor, pSecurityDescriptor.Length, out lpnLengthNeeded); if (!success) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } CommonSecurityDescriptor securityDescriptor = new CommonSecurityDescriptor(false, false, pSecurityDescriptor, 0); DiscretionaryAcl dacl = securityDescriptor.DiscretionaryAcl; // add ACEs to the SECURITY_DESCRIPTOR of the kernelObject if (account != null) { EditDacl(dacl, account, right, add); } else if (accounts != null) { foreach (SecurityIdentifier accountInList in accounts) { EditDacl(dacl, accountInList, right, add); } } lpnLengthNeeded = securityDescriptor.BinaryLength; pSecurityDescriptor = new byte[lpnLengthNeeded]; securityDescriptor.GetBinaryForm(pSecurityDescriptor, 0); // set the SECURITY_DESCRIPTOR on the kernelObject #pragma warning suppress 56523 // Microsoft, Win32Exception ctor calls Marshal.GetLastWin32Error() success = ListenerUnsafeNativeMethods.SetKernelObjectSecurity(kernelObject, ListenerUnsafeNativeMethods.DACL_SECURITY_INFORMATION, pSecurityDescriptor); if (!success) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new Win32Exception()); } }