Mercurial > trustbridge
annotate common/util.h @ 1332:8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
If the lock on the lockfile can be aquired it might still be
possible that another process is running. So we read the
pid from the lockfile and check if another process with the
same installation prefix as us is running.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 15 Oct 2014 14:19:46 +0200 |
| parents | 0a803c3fb5a6 |
| children |
| rev | line source |
|---|---|
| 404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
| 2 * Software engineering by Intevation GmbH | |
| 3 * | |
| 4 * This file is Free Software under the GNU GPL (v>=2) | |
| 5 * and comes with ABSOLUTELY NO WARRANTY! | |
| 6 * See LICENSE.txt for details. | |
| 7 */ | |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #ifndef COMMON_UTIL_H |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
9 #define COMMON_UTIL_H |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
10 /* @file util.h |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
11 * @brief The usual useful stuff that fit nowhere else |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
12 */ |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
13 #include <stdbool.h> |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
14 |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
15 #ifdef WIN32 |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
16 #include <windows.h> |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
17 #include <psapi.h> |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
18 #endif |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
19 |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
20 #ifdef __cplusplus |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
21 extern "C" { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
22 #endif |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
23 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
24 #ifndef WIN32 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
25 /**@def Some value to use as equivalent as MAX_PATH on windows */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
26 #define MAX_PATH_LINUX 4000 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
27 #endif |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
28 |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
29 /**@brief Check if the current process is running with elevated privileges. |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
30 * |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
31 * Elevates the current process token to check if it is marked as elevated. |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
32 * Uses TokenElevation on windows and checks effective UID on Linux. |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
33 * |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
34 * @returns true if the current process is elevated.*/ |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
35 bool is_elevated(); |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
36 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
37 /**@brief Check if the Software is installed system wide |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
38 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
39 * On Windows this checks if a registry key under HKLM exists for |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
40 * trustbridge and that the installation path mentioned there matches |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
41 * the current module path. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
42 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
43 * On linux this looks for the installation configuration in /etc |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
44 * and checks if the current process is inside the installation prefix. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
45 * |
|
1053
78798d3af8f0
Fixed doxygen build warnings.
Emanuel Schuetze <emanuel@intevation.de>
parents:
1030
diff
changeset
|
46 * The checked path is limited to MAX_PATH on Windows and \@MAX_PATH_LINUX on |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
47 * Linux. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
48 */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
49 bool is_system_install(); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
50 |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
51 /**@brief Check if the user is in the administrators group. |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
52 * |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
53 * The function checks if the account that startet this process |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
54 * belongs to a user that is a member of the Administrators group. |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
55 * |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
56 * @returns True if the user is in the admin group. False otherwise or on error. |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
57 */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
58 bool is_admin(); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
59 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
60 /**@brief Get the directory in which the current process resides in |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
61 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
62 * Look up the directory in which the current process is placed. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
63 * If the path is longer then MAX_PATH NULL is returned. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
64 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
65 * Returns a utf-8 encoded string that has to be freed by the caller |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
66 * on linux the path is returned as is including the last /. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
67 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
68 * @returns The directory of the current process |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
69 */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
70 char * get_install_dir(); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
71 |
|
1332
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
72 #ifndef WIN32 |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
73 /**@brief Get the directory in which the process proc resides in |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
74 * |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
75 * Look up the directory in which the process proc is placed. |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
76 * If the path is longer then MAX_PATH NULL is returned. |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
77 * |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
78 * Returns a utf-8 encoded string that has to be freed by the caller |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
79 * on linux the path is returned as is including the last /. |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
80 * |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
81 * @param[in] A process id or special name from the proc file system. |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
82 * |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
83 * @returns The directory of the process |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
84 */ |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
85 char * get_proc_install_dir(const char *proc); |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
86 #endif |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
87 |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
88 #ifdef WIN32 |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
89 /**@brief Get a copy of the processes owner sid |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
90 * |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
91 * Copy the SID of the owner of the process hProcess. |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
92 * |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
93 * The returned sid structure has to be freed with free by the caller |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
94 * |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
95 * @param[in] hProcess A handle to the process whose user should be obtained. |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
96 * The process must have the PROCESS_QUERY_INFORMATION access permission. |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
97 * |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
98 * @returns A copy of the process owners sid or NULL on error. |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
99 */ |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
100 PSID get_process_owner(HANDLE hProcess); |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
101 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
102 /**@brief Read (and expand if necessary) a registry string. |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
103 * |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
104 * Reads a registry string and calls ExpandEnvironmentString |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
105 * if necessary on it. Returns a newly allocated string array |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
106 * with the expanded registry value converted to UTF-8 |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
107 * |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
108 * Caller has to free return value with free. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
109 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
110 * @param [in] root the root key (e.g. HKEY_LOCAL_MACHINE) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
111 * @param [in] key the key |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
112 * @param [in] name the name of the value to read. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
113 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
114 * @returns the expanded, null terminated utf-8 string of the value. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
115 * or NULL on error. |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
116 */ |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
117 char * read_registry_string (const HKEY root, const wchar_t *key, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
118 const wchar_t *name); |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
119 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
120 /**@brief Get the utf-8 encoded path to the program files folder. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
121 * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
122 * Uses SHGetKnownFolderPath to look up the ProgramFiles folder. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
123 * @returns a newly allocated string containing the value or NULL on |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
124 * error. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
125 */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
126 char * get_program_files_folder (); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
127 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
128 /**@brief Get the path to the program data folder. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
129 * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
130 * Uses SHGetKnownFolderPath to look up the ProgramData folder. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
131 * The return value should be freed with CoTaskMemFree |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
132 * @returns a reference containing the value or NULL on error. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
133 */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
134 wchar_t * get_program_data_folder (); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
135 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
136 /**@brief Create a directory with restricted access rights |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
137 * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
138 * This creates a security attributes structure that restricts |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
139 * write access to the Administrators group but allows everyone to read files |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
140 * in that directory. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
141 * Basically a very complicated version of mkdir path -m 644 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
142 * |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
143 * If the directory exists and propagate_acl is set the permissions |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
144 * of that directory are overwritten with the DACL that would have |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
145 * been used to create the directory. |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
146 * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
147 * Code based on msdn example: |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
148 * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
149 * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
150 * @param[in] path Path of the directory to create |
|
1070
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1053
diff
changeset
|
151 * @param[in] propagate_acl weather or not objects should inherit |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1053
diff
changeset
|
152 * the ACL of this directory. |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
153 * @param[out] rACL optional pointer to an PACL pointer that should be |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
154 * the returned value. If rACL is not NULL the caller needs to free the |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
155 * returned pointer with LocalFree. |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
156 * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
157 * @returns true on success of if the directory exists, false on error |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
158 */ |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
159 bool create_restricted_directory (LPWSTR path, bool propagate_acl, PACL *rACL); |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
160 |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1118
diff
changeset
|
161 /**@brief Check the integrity level of the token |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
162 * |
|
1030
76cae27b5d83
Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
163 * Returns true if the token has at least SECURITY_MANADTORY_HIGH_RID or |
|
76cae27b5d83
Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
164 * higher. |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
165 * |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
166 * @param[in] hToken the Token to check |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
167 * |
|
1030
76cae27b5d83
Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
168 * @returns true if the token has at least high integrity. False on error |
|
76cae27b5d83
Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
169 * or otherwise. |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
170 */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
171 bool has_high_integrity(HANDLE hToken); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
172 |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
173 /** @brief get a restricted access token to execute nss process |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
174 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
175 * This function uses the Software Restriction API to obtain the |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
176 * access token for a process run als normal user. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
177 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
178 * @returns A restricted handle or NULL on error. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
179 */ |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
180 HANDLE get_restricted_token(); |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
181 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
182 /** @brief get a normal user access token |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
183 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
184 * The trusted acces token is not elevated but has the normal user rights. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
185 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
186 * @returns A normal user handle or NULL on error. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
187 */ |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
188 HANDLE get_normal_token(); |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
189 |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
190 #endif |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
191 |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
192 #ifdef __cplusplus |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
193 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
194 #endif |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
195 |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
196 #endif // COMMON_UTIL_H |