95 lines
2.1 KiB
C++
95 lines
2.1 KiB
C++
/*++
|
||
|
||
Copyright (c) 2000 Microsoft Corporation
|
||
|
||
Module Name:
|
||
|
||
KOEISecurityCheck.cpp
|
||
|
||
Abstract:
|
||
|
||
This shim sets the SID for TokenOwner at the beginning of the setup.exe. It checks
|
||
if the administrator group SID is enabled in current process token. If it is enabled then
|
||
we set the TokenOwner SID to administrator group SID. If it’s not then it does nothing.
|
||
|
||
History:
|
||
|
||
04/17/2001 zhongyl create
|
||
|
||
--*/
|
||
|
||
#include "precomp.h"
|
||
|
||
IMPLEMENT_SHIM_BEGIN(KOEISecurityCheck)
|
||
#include "ShimHookMacro.h"
|
||
|
||
APIHOOK_ENUM_BEGIN
|
||
APIHOOK_ENUM_END
|
||
|
||
/*++
|
||
|
||
DisableStickyKeys saves the current value for LPSTICKYKEYS and then disables the option.
|
||
|
||
--*/
|
||
|
||
VOID
|
||
SetSidForOwner()
|
||
{
|
||
BYTE sidBuffer[50];
|
||
PSID pSID = (PSID)sidBuffer;
|
||
SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;
|
||
BOOL IsMember;
|
||
HANDLE hToken;
|
||
TOKEN_OWNER SIDforOwner;
|
||
|
||
// Open a handle to the access token for the calling process.
|
||
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_DEFAULT, &hToken ))
|
||
return; //if OpenProcessToken fails, do nothing
|
||
|
||
// Create a SID for the BUILTIN\Administrators group.
|
||
if (!AllocateAndInitializeSid(&SIDAuth, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSID))
|
||
return; //if AllocateAndInitializedSid fails, do nothing
|
||
|
||
// Check if the administrator group SID is enabled in current process token
|
||
if (!CheckTokenMembership(NULL, pSID, &IsMember))
|
||
return; //if CheckTokenMembership fails, do nothing
|
||
|
||
SIDforOwner.Owner = pSID;
|
||
|
||
// if the administrator group SID is enabled in current process token, call SetTokenInformation to set the SID for Owner.
|
||
if (IsMember)
|
||
SetTokenInformation(hToken, TokenOwner, &SIDforOwner, sizeof(SIDforOwner));
|
||
|
||
return;
|
||
|
||
}
|
||
|
||
BOOL
|
||
NOTIFY_FUNCTION(
|
||
DWORD fdwReason
|
||
)
|
||
{
|
||
if (fdwReason == SHIM_STATIC_DLLS_INITIALIZED) {
|
||
SetSidForOwner();
|
||
}
|
||
|
||
return TRUE;
|
||
}
|
||
|
||
/*++
|
||
|
||
Register hooked functions
|
||
|
||
--*/
|
||
|
||
|
||
HOOK_BEGIN
|
||
|
||
CALL_NOTIFY_FUNCTION
|
||
|
||
HOOK_END
|
||
|
||
|
||
IMPLEMENT_SHIM_END
|
||
|