annotate common/util.h @ 1029:6684e5012b7a

(issue98) Set integrity level to medium on restricted token and evaluate it to determine if the process is elevated.
author Andre Heinecke <andre.heinecke@intevation.de>
date Thu, 04 Sep 2014 11:00:55 +0200
parents 427e2e18b8c8
children 76cae27b5d83
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
7 */
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #ifndef COMMON_UTIL_H
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
9 #define COMMON_UTIL_H
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
10 /* @file util.h
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
11 * @brief The usual useful stuff that fit nowhere else
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
12 */
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
13 #include <stdbool.h>
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
14
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
15 #ifdef WIN32
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
16 #include <windows.h>
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
17 #include <psapi.h>
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
18 #endif
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
19
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
20 #ifdef __cplusplus
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
21 extern "C" {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
22 #endif
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
23
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
24 #ifndef WIN32
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
25 /**@def Some value to use as equivalent as MAX_PATH on windows */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
26 #define MAX_PATH_LINUX 4000
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
27 #endif
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
28
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
29 /**@brief Check if the current process is running with elevated privileges.
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
30 *
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
31 * Elevates the current process token to check if it is marked as elevated.
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
32 * Uses TokenElevation on windows and checks effective UID on Linux.
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
33 *
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
34 * @returns true if the current process is elevated.*/
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
35 bool is_elevated();
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
36
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
37 /**@brief Check if the Software is installed system wide
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
38 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
39 * On Windows this checks if a registry key under HKLM exists for
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
40 * trustbridge and that the installation path mentioned there matches
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
41 * the current module path.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
42 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
43 * On linux this looks for the installation configuration in /etc
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
44 * and checks if the current process is inside the installation prefix.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
45 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
46 * The checked path is limited to MAX_PATH on Windows and @MAX_PATH_LINUX on
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
47 * Linux.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
48 */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
49 bool is_system_install();
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
50
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
51 /**@brief Check if the user is in the administrators group.
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
52 *
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
53 * The function checks if the account that startet this process
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
54 * belongs to a user that is a member of the Administrators group.
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
55 *
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
56 * @returns True if the user is in the admin group. False otherwise or on error.
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
57 */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
58 bool is_admin();
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
59
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
60 /**@brief Get the directory in which the current process resides in
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
61 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
62 * Look up the directory in which the current process is placed.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
63 * If the path is longer then MAX_PATH NULL is returned.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
64 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
65 * Returns a utf-8 encoded string that has to be freed by the caller
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
66 * on linux the path is returned as is including the last /.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
67 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
68 * @returns The directory of the current process
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
69 */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
70 char * get_install_dir();
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
71
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
72 #ifdef WIN32
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
73 /**@brief Get a copy of the processes owner sid
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
74 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
75 * Copy the SID of the owner of the process hProcess.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
76 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
77 * The returned sid structure has to be freed with free by the caller
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
78 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
79 * @param[in] hProcess A handle to the process whose user should be obtained.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
80 * The process must have the PROCESS_QUERY_INFORMATION access permission.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
81 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
82 * @returns A copy of the process owners sid or NULL on error.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
83 */
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
84 PSID get_process_owner(HANDLE hProcess);
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
85
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
86 /**@brief Read (and expand if necessary) a registry string.
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
87 *
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
88 * Reads a registry string and calls ExpandEnvironmentString
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
89 * if necessary on it. Returns a newly allocated string array
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
90 * with the expanded registry value converted to UTF-8
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
91 *
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
92 * Caller has to free return value with free.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
93 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
94 * @param [in] root the root key (e.g. HKEY_LOCAL_MACHINE)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
95 * @param [in] key the key
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
96 * @param [in] name the name of the value to read.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
97 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
98 * @returns the expanded, null terminated utf-8 string of the value.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
99 * or NULL on error.
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
100 */
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
101 char * read_registry_string (const HKEY root, const wchar_t *key,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
102 const wchar_t *name);
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
103
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
104 /**@brief Get the utf-8 encoded path to the program files folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
105 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
106 * Uses SHGetKnownFolderPath to look up the ProgramFiles folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
107 * @returns a newly allocated string containing the value or NULL on
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
108 * error.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
109 */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
110 char * get_program_files_folder ();
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
111
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
112 /**@brief Get the path to the program data folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
113 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
114 * Uses SHGetKnownFolderPath to look up the ProgramData folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
115 * The return value should be freed with CoTaskMemFree
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
116 * @returns a reference containing the value or NULL on error.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
117 */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
118 wchar_t * get_program_data_folder ();
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
119
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
120 /**@brief Create a directory with restricted access rights
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
121 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
122 * This creates a security attributes structure that restricts
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
123 * write access to the Administrators group but allows everyone to read files
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
124 * in that directory.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
125 * Basically a very complicated version of mkdir path -m 644
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
126 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
127 * If the directory exists the permissions of that directory are checked if
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
128 * they are acceptable and true or false is returned accordingly.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
129 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
130 * Code based on msdn example:
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
131 * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
132 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
133 * @param[in] path Path of the directory to create
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
134 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
135 * @returns true on success of if the directory exists, false on error
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
136 */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
137 bool create_restricted_directory (LPWSTR path);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
138
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
139 /**@briefu Check the integrity level of the token
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
140 *
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
141 * Returns true if the token has SECURITY_MANADTORY_HIGH_RID or
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
142 * SECURITY_MANDATORY_SYSTEM_RID and false otherwise.
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
143 *
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
144 * @param[in] hToken the Token to check
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
145 *
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
146 * @returns true if the token has at least high integrity.
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
147 */
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
148 bool has_high_integrity(HANDLE hToken);
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
149
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
150 #endif
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
151
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
152 #ifdef __cplusplus
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
153 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
154 #endif
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
155
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
156 #endif // COMMON_UTIL_H

http://wald.intevation.org/projects/trustbridge/