Class: Win32::Security
- Inherits:
-
Object
- Object
- Win32::Security
- Extended by:
- Windows::Security::Functions
- Defined in:
- lib/win32/security.rb,
lib/win32/security/ace.rb,
lib/win32/security/acl.rb,
lib/win32/security/sid.rb
Overview
The Security class serves as a toplevel class namespace.
Defined Under Namespace
Constant Summary collapse
- VERSION =
The version of the win32-security library
'0.3.0'
- TOKEN_QUERY =
Used by OpenProcessToken
8
Class Method Summary collapse
-
.elevated_security? ⇒ Boolean
Returns whether or not the owner of the current process is running with elevated security privileges.
Class Method Details
.elevated_security? ⇒ Boolean
Returns whether or not the owner of the current process is running with elevated security privileges.
On Windows XP an earlier this method is actually just checking to see if the caller’s process is a member of the local Administrator’s group.
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/win32/security.rb', line 35 def self.elevated_security? result = false FFI::MemoryPointer.new(:uintptr_t) do |token| unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, token) raise SystemCallError.new("OpenProcessToken", FFI.errno) end begin token = token.read_pointer.to_i # Since the TokenElevation struct only has 1 member, we use a pointer. te = FFI::MemoryPointer.new(:ulong) rl = FFI::MemoryPointer.new(:ulong) bool = GetTokenInformation( token, :TokenElevation, te, te.size, rl ) raise SystemCallError.new("GetTokenInformation", FFI.errno) unless bool result = te.read_ulong != 0 ensure CloseHandle(token) te.free rl.free end end result end |