M
Michael Tissington
Guest
I have an app that for some of the time needs to run with high integrity (UIAccess = true)
For the rest of the time I'd like to lower the integrity level to the default (medium)
I have tried the following but it does not work.
hProcess = GetCurrentProcess();
if (OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_QUERY, &hToken))
{
PSID pSidIL = NULL;
//INFO on SID: https://support.microsoft.com/en-us/kb/243330?wa=wsignin1.0
ConvertStringSidToSid(L"S-1-16-12288", &pSidIL);
TOKEN_GROUPS tg = { 0 };
tg.GroupCount = 1;
tg.Groups[0].Attributes = SE_GROUP_INTEGRITY;
tg.Groups[0].Sid = pSidIL;
AdjustTokenGroups(hToken, FALSE, &tg, sizeof(TOKEN_GROUPS) + GetSidLengthRequired(1), NULL, NULL);
DWORD error = GetLastError();
}
Any ideas please?
Michael Tissington
Continue reading...
For the rest of the time I'd like to lower the integrity level to the default (medium)
I have tried the following but it does not work.
hProcess = GetCurrentProcess();
if (OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_QUERY, &hToken))
{
PSID pSidIL = NULL;
//INFO on SID: https://support.microsoft.com/en-us/kb/243330?wa=wsignin1.0
ConvertStringSidToSid(L"S-1-16-12288", &pSidIL);
TOKEN_GROUPS tg = { 0 };
tg.GroupCount = 1;
tg.Groups[0].Attributes = SE_GROUP_INTEGRITY;
tg.Groups[0].Sid = pSidIL;
AdjustTokenGroups(hToken, FALSE, &tg, sizeof(TOKEN_GROUPS) + GetSidLengthRequired(1), NULL, NULL);
DWORD error = GetLastError();
}
Any ideas please?
Michael Tissington
Continue reading...