Class: Win32::Security
- Inherits: Object
- Extended by: Windows::Security::Functions
- Defined in: lib/win32/security.rb, lib/win32/security/ace.rb, lib/win32/security/acl.rb, lib/win32/security/sid.rb
Overview
The Security class serves as a top-level class namespace.
Defined Under Namespace
Constant Summary
- VERSION = '0.2.3'
  The version of the win32-security library
- TOKEN_QUERY = 8
  Used by OpenProcessToken
Constants included from Windows::Security::Constants
Windows::Security::Constants::ACL_REVISION, Windows::Security::Constants::ACL_REVISION1, Windows::Security::Constants::ACL_REVISION2, Windows::Security::Constants::ACL_REVISION3, Windows::Security::Constants::ACL_REVISION4, Windows::Security::Constants::AclRevisionInformation, Windows::Security::Constants::AclSizeInformation, Windows::Security::Constants::DOMAIN_ALIAS_RID_ACCOUNT_OPS, Windows::Security::Constants::DOMAIN_ALIAS_RID_ADMINS, Windows::Security::Constants::DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS, Windows::Security::Constants::DOMAIN_ALIAS_RID_BACKUP_OPS, Windows::Security::Constants::DOMAIN_ALIAS_RID_DCOM_USERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_GUESTS, Windows::Security::Constants::DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_LOGGING_USERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_MONITORING_USERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS, Windows::Security::Constants::DOMAIN_ALIAS_RID_POWER_USERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_PREW2KCOMPACCESS, Windows::Security::Constants::DOMAIN_ALIAS_RID_PRINT_OPS, Windows::Security::Constants::DOMAIN_ALIAS_RID_RAS_SERVERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_REPLICATOR, Windows::Security::Constants::DOMAIN_ALIAS_RID_SYSTEM_OPS, Windows::Security::Constants::DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS, Windows::Security::Constants::DOMAIN_ALIAS_RID_USERS, Windows::Security::Constants::DOMAIN_GROUP_RID_ADMINS, Windows::Security::Constants::DOMAIN_GROUP_RID_CERT_ADMINS, Windows::Security::Constants::DOMAIN_GROUP_RID_COMPUTERS, Windows::Security::Constants::DOMAIN_GROUP_RID_CONTROLLERS, Windows::Security::Constants::DOMAIN_GROUP_RID_ENTERPRISE_ADMINS, Windows::Security::Constants::DOMAIN_GROUP_RID_GUESTS, Windows::Security::Constants::DOMAIN_GROUP_RID_POLICY_ADMINS, Windows::Security::Constants::DOMAIN_GROUP_RID_SCHEMA_ADMINS, 
Windows::Security::Constants::DOMAIN_GROUP_RID_USERS, Windows::Security::Constants::DOMAIN_USER_RID_ADMIN, Windows::Security::Constants::DOMAIN_USER_RID_GUEST, Windows::Security::Constants::DOMAIN_USER_RID_KRBTGT, Windows::Security::Constants::DOMAIN_USER_RID_MAX, Windows::Security::Constants::ERROR_NO_TOKEN, Windows::Security::Constants::FOREST_USER_RID_MAX, Windows::Security::Constants::SECURITY_ANONYMOUS_LOGON_RID, Windows::Security::Constants::SECURITY_AUTHENTICATED_USER_RID, Windows::Security::Constants::SECURITY_BATCH_RID, Windows::Security::Constants::SECURITY_BUILTIN_DOMAIN_RID, Windows::Security::Constants::SECURITY_CREATOR_GROUP_RID, Windows::Security::Constants::SECURITY_CREATOR_GROUP_SERVER_RID, Windows::Security::Constants::SECURITY_CREATOR_OWNER_RID, Windows::Security::Constants::SECURITY_CREATOR_OWNER_SERVER_RID, Windows::Security::Constants::SECURITY_CREATOR_SID_AUTHORITY, Windows::Security::Constants::SECURITY_DIALUP_RID, Windows::Security::Constants::SECURITY_ENTERPRISE_CONTROLLERS_RID, Windows::Security::Constants::SECURITY_INTERACTIVE_RID, Windows::Security::Constants::SECURITY_LOCAL_RID, Windows::Security::Constants::SECURITY_LOCAL_SERVICE_RID, Windows::Security::Constants::SECURITY_LOCAL_SID_AUTHORITY, Windows::Security::Constants::SECURITY_LOCAL_SYSTEM_RID, Windows::Security::Constants::SECURITY_LOGON_IDS_RID, Windows::Security::Constants::SECURITY_LOGON_IDS_RID_COUNT, Windows::Security::Constants::SECURITY_MAX_ALWAYS_FILTERED, Windows::Security::Constants::SECURITY_MIN_NEVER_FILTERED, Windows::Security::Constants::SECURITY_NETWORK_RID, Windows::Security::Constants::SECURITY_NETWORK_SERVICE_RID, Windows::Security::Constants::SECURITY_NON_UNIQUE_AUTHORITY, Windows::Security::Constants::SECURITY_NT_AUTHORITY, Windows::Security::Constants::SECURITY_NT_NON_UNIQUE, Windows::Security::Constants::SECURITY_NT_NON_UNIQUE_SUB_AUTH_COUNT, Windows::Security::Constants::SECURITY_NULL_RID, Windows::Security::Constants::SECURITY_NULL_SID_AUTHORITY, 
Windows::Security::Constants::SECURITY_OTHER_ORGANIZATION_RID, Windows::Security::Constants::SECURITY_PACKAGE_BASE_RID, Windows::Security::Constants::SECURITY_PACKAGE_DIGEST_RID, Windows::Security::Constants::SECURITY_PACKAGE_NTLM_RID, Windows::Security::Constants::SECURITY_PACKAGE_RID_COUNT, Windows::Security::Constants::SECURITY_PACKAGE_SCHANNEL_RID, Windows::Security::Constants::SECURITY_PRINCIPAL_SELF_RID, Windows::Security::Constants::SECURITY_PROXY_RID, Windows::Security::Constants::SECURITY_REMOTE_LOGON_RID, Windows::Security::Constants::SECURITY_RESOURCE_MANAGER_AUTHORITY, Windows::Security::Constants::SECURITY_RESTRICTED_CODE_RID, Windows::Security::Constants::SECURITY_SERVER_LOGON_RID, Windows::Security::Constants::SECURITY_SERVICE_RID, Windows::Security::Constants::SECURITY_TERMINAL_SERVER_RID, Windows::Security::Constants::SECURITY_THIS_ORGANIZATION_RID, Windows::Security::Constants::SECURITY_WORLD_RID, Windows::Security::Constants::SECURITY_WORLD_SID_AUTHORITY, Windows::Security::Constants::SidTypeAlias, Windows::Security::Constants::SidTypeComputer, Windows::Security::Constants::SidTypeDeletedAccount, Windows::Security::Constants::SidTypeDomain, Windows::Security::Constants::SidTypeGroup, Windows::Security::Constants::SidTypeInvalid, Windows::Security::Constants::SidTypeUnknown, Windows::Security::Constants::SidTypeUser, Windows::Security::Constants::SidTypeWellKnownGroup
Class Method Summary
- .elevated_security? ⇒ Boolean
  Returns whether or not the owner of the current process is running with elevated security privileges.
Class Method Details
.elevated_security? ⇒ Boolean
Returns whether or not the owner of the current process is running with elevated security privileges.
On Windows XP and earlier this method is actually just checking to see if the caller’s process is a member of the local Administrators group.
    # File 'lib/win32/security.rb', line 35

    def self.elevated_security?
      if windows_version < 6
        sid_ptr = FFI::MemoryPointer.new(:pointer)
        nt_auth_ptr = FFI::MemoryPointer.new(SID_IDENTIFIER_AUTHORITY,1)
        nt_auth = SID_IDENTIFIER_AUTHORITY.new(nt_auth_ptr)
        nt_auth[:Value].to_ptr.put_bytes(0, 0.chr*5 + 5.chr)

        bool = AllocateAndInitializeSid(
          nt_auth_ptr,
          2,
          SECURITY_BUILTIN_DOMAIN_RID,
          DOMAIN_ALIAS_RID_ADMINS,
          0, 0, 0, 0, 0, 0,
          sid_ptr
        )

        unless bool
          raise SystemCallError.new("AllocateAndInitializeSid", FFI.errno)
        end

        pbool = FFI::MemoryPointer.new(:long)

        unless CheckTokenMembership(0, sid_ptr.read_pointer, pbool)
          raise SystemCallError.new("CheckTokenMembership", FFI.errno)
        end

        pbool.read_long != 0
      else
        token = FFI::MemoryPointer.new(:ulong)

        unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, token)
          raise SystemCallError.new("OpenProcessToken", FFI.errno)
        end

        begin
          token = token.read_ulong

          # Since the TokenElevation struct only has 1 member, we use a pointer.
          te = FFI::MemoryPointer.new(:ulong)
          rl = FFI::MemoryPointer.new(:ulong)

          bool = GetTokenInformation(
            token,
            :TokenElevation,
            te,
            te.size,
            rl
          )

          raise SystemCallError.new("GetTokenInformation", FFI.errno) unless bool
        ensure
          CloseHandle(token)
        end

        te.read_ulong != 0
      end
    end
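An added example, not part of win32-security: the pre-Vista branch asks AllocateAndInitializeSid for a SID with authority bytes 0,0,0,0,0,5 and the sub-authorities SECURITY_BUILTIN_DOMAIN_RID and DOMAIN_ALIAS_RID_ADMINS, and this pure-Ruby code packs that same SID by hand and decodes it to its string form, so you can see which group the membership check targets. The helper names (`build_sid`, `sid_to_s`) and constant names are hypothetical; the RID values 0x20 and 0x220 are the Windows SDK values of those two constants.

```ruby
# Added illustration, not win32-security code. Pure Ruby, no Windows API calls.
# RID values are the Windows SDK values of the constants used by the method.
NT_AUTHORITY_BYTES  = [0, 0, 0, 0, 0, 5].freeze # same bytes as 0.chr*5 + 5.chr
BUILTIN_DOMAIN_RID  = 0x20   # SECURITY_BUILTIN_DOMAIN_RID (32)
ALIAS_RID_ADMINS    = 0x220  # DOMAIN_ALIAS_RID_ADMINS (544)
SID_REVISION        = 1
MAX_SUB_AUTHORITIES = 15

# Pack a SID in its binary layout: revision (1 byte), sub-authority count
# (1 byte), identifier authority (6 bytes, big-endian), then each
# sub-authority as a 32-bit little-endian integer.
def build_sid(authority_bytes, *sub_authorities)
  raise ArgumentError, 'authority must be 6 bytes' unless authority_bytes.size == 6
  if sub_authorities.empty? || sub_authorities.size > MAX_SUB_AUTHORITIES
    raise ArgumentError, 'sub-authority count must be 1..15'
  end
  [SID_REVISION, sub_authorities.size, *authority_bytes].pack('C8') +
    sub_authorities.pack('V*')
end

# Decode a binary SID into its S-R-A-S... string form. Input whose length
# does not match the declared sub-authority count is rejected rather than
# partially decoded. Authorities of 2**32 and above (which Windows prints
# in hex) are not handled here.
def sid_to_s(bytes)
  bytes = bytes.b
  raise ArgumentError, 'SID shorter than 8-byte header' if bytes.bytesize < 8
  revision, count = bytes.unpack('CC')
  raise ArgumentError, "unsupported revision #{revision}" unless revision == SID_REVISION
  raise ArgumentError, 'too many sub-authorities' if count > MAX_SUB_AUTHORITIES
  unless bytes.bytesize == 8 + 4 * count
    raise ArgumentError, 'length does not match sub-authority count'
  end
  authority = bytes[2, 6].unpack('C6').inject(0) { |acc, b| (acc << 8) | b }
  subs = bytes[8, 4 * count].unpack('V*')
  (['S', revision, authority] + subs).join('-')
end

# The SID the pre-Vista branch tests the caller's token against.
ADMINS_SID = build_sid(NT_AUTHORITY_BYTES, BUILTIN_DOMAIN_RID, ALIAS_RID_ADMINS)
puts sid_to_s(ADMINS_SID) if $PROGRAM_NAME == __FILE__
```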