Mercurial > trustbridge
annotate common/util.h @ 1029:6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
evaluate it to determine if the process is elevated.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Thu, 04 Sep 2014 11:00:55 +0200 |
parents | 427e2e18b8c8 |
children | 76cae27b5d83 |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #ifndef COMMON_UTIL_H |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
9 #define COMMON_UTIL_H |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
10 /* @file util.h |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
11 * @brief The usual useful stuff that fit nowhere else |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
12 */ |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
13 #include <stdbool.h> |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
14 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
15 #ifdef WIN32 |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
16 #include <windows.h> |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
17 #include <psapi.h> |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
18 #endif |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
19 |
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
20 #ifdef __cplusplus |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
21 extern "C" { |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
22 #endif |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
23 |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
24 #ifndef WIN32 |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
25 /**@def Some value to use as equivalent as MAX_PATH on windows */ |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
26 #define MAX_PATH_LINUX 4000 |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
27 #endif |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
28 |
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
29 /**@brief Check if the current process is running with elevated privileges. |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
30 * |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
31 * Elevates the current process token to check if it is marked as elevated. |
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
32 * Uses TokenElevation on windows and checks effective UID on Linux. |
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
33 * |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
34 * @returns true if the current process is elevated.*/ |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
35 bool is_elevated(); |
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
36 |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
37 /**@brief Check if the Software is installed system wide |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
38 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
39 * On Windows this checks if a registry key under HKLM exists for |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
40 * trustbridge and that the installation path mentioned there matches |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
41 * the current module path. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
42 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
43 * On linux this looks for the installation configuration in /etc |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
44 * and checks if the current process is inside the installation prefix. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
45 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
46 * The checked path is limited to MAX_PATH on Windows and @MAX_PATH_LINUX on |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
47 * Linux. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
48 */ |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
49 bool is_system_install(); |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
50 |
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
51 /**@brief Check if the user is in the administrators group. |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
52 * |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
53 * The function checks if the account that startet this process |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
54 * belongs to a user that is a member of the Administrators group. |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
55 * |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
56 * @returns True if the user is in the admin group. False otherwise or on error. |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
57 */ |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
58 bool is_admin(); |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
59 |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
60 /**@brief Get the directory in which the current process resides in |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
61 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
62 * Look up the directory in which the current process is placed. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
63 * If the path is longer then MAX_PATH NULL is returned. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
64 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
65 * Returns a utf-8 encoded string that has to be freed by the caller |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
66 * on linux the path is returned as is including the last /. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
67 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
68 * @returns The directory of the current process |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
69 */ |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
70 char * get_install_dir(); |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
71 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
72 #ifdef WIN32 |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
73 /**@brief Get a copy of the processes owner sid |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
74 * |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
75 * Copy the SID of the owner of the process hProcess. |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
76 * |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
77 * The returned sid structure has to be freed with free by the caller |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
78 * |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
79 * @param[in] hProcess A handle to the process whose user should be obtained. |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
80 * The process must have the PROCESS_QUERY_INFORMATION access permission. |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
81 * |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
82 * @returns A copy of the process owners sid or NULL on error. |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
83 */ |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
84 PSID get_process_owner(HANDLE hProcess); |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
85 |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
86 /**@brief Read (and expand if necessary) a registry string. |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
87 * |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
88 * Reads a registry string and calls ExpandEnvironmentString |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
89 * if necessary on it. Returns a newly allocated string array |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
90 * with the expanded registry value converted to UTF-8 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
91 * |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
92 * Caller has to free return value with free. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
93 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
94 * @param [in] root the root key (e.g. HKEY_LOCAL_MACHINE) |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
95 * @param [in] key the key |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
96 * @param [in] name the name of the value to read. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
97 * |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
98 * @returns the expanded, null terminated utf-8 string of the value. |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
99 * or NULL on error. |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
100 */ |
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
101 char * read_registry_string (const HKEY root, const wchar_t *key, |
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
102 const wchar_t *name); |
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
103 |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
104 /**@brief Get the utf-8 encoded path to the program files folder. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
105 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
106 * Uses SHGetKnownFolderPath to look up the ProgramFiles folder. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
107 * @returns a newly allocated string containing the value or NULL on |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
108 * error. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
109 */ |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
110 char * get_program_files_folder (); |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
111 |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
112 /**@brief Get the path to the program data folder. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
113 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
114 * Uses SHGetKnownFolderPath to look up the ProgramData folder. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
115 * The return value should be freed with CoTaskMemFree |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
116 * @returns a reference containing the value or NULL on error. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
117 */ |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
118 wchar_t * get_program_data_folder (); |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
119 |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
120 /**@brief Create a directory with restricted access rights |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
121 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
122 * This creates a security attributes structure that restricts |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
123 * write access to the Administrators group but allows everyone to read files |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
124 * in that directory. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
125 * Basically a very complicated version of mkdir path -m 644 |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
126 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
127 * If the directory exists the permissions of that directory are checked if |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
128 * they are acceptable and true or false is returned accordingly. |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
129 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
130 * Code based on msdn example: |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
131 * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
132 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
133 * @param[in] path Path of the directory to create |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
134 * |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
135 * @returns true on success of if the directory exists, false on error |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
136 */ |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
137 bool create_restricted_directory (LPWSTR path); |
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
138 |
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
139 /**@briefu Check the integrity level of the token |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
140 * |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
141 * Returns true if the token has SECURITY_MANADTORY_HIGH_RID or |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
142 * SECURITY_MANDATORY_SYSTEM_RID and false otherwise. |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
143 * |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
144 * @param[in] hToken the Token to check |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
145 * |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
146 * @returns true if the token has at least high integrity. |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
147 */ |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
148 bool has_high_integrity(HANDLE hToken); |
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
149 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
150 #endif |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
151 |
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
152 #ifdef __cplusplus |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
153 } |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
154 #endif |
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
155 |
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
156 #endif // COMMON_UTIL_H |