95 lines
2 KiB
C++
95 lines
2 KiB
C++
|
/*++
|
|||
|
|
|
|||
|
|
Copyright (c) 2000 Microsoft Corporation
|
|||
|
|
|
|||
|
|
Module Name:
|
|||
|
|
|
|||
|
|
KOEISecurityCheck.cpp
|
|||
|
|
|
|||
|
|
Abstract:
|
|||
|
|
|
|||
|
|
This shim sets the SID for TokenOwner at the beginning of the setup.exe. It checks
|
|||
|
|
if the administrator group SID is enabled in current process token. If it is enabled then
|
|||
|
|
we set the TokenOwner SID to administrator group SID. If it<EFBFBD>s not then it does nothing.
|
|||
|
|
|
|||
|
|
History:
|
|||
|
|
|
|||
|
|
04/17/2001 zhongyl create
|
|||
|
|
|
|||
|
|
--*/
|
|||
|
|
|
|||
|
|
#include "precomp.h"
|
|||
|
|
|
|||
|
|
IMPLEMENT_SHIM_BEGIN(KOEISecurityCheck)
|
|||
|
|
#include "ShimHookMacro.h"
|
|||
|
|
|
|||
|
|
APIHOOK_ENUM_BEGIN
|
|||
|
|
APIHOOK_ENUM_END
|
|||
|
|
|
|||
|
|
/*++
|
|||
|
|
|
|||
|
|
DisableStickyKeys saves the current value for LPSTICKYKEYS and then disables the option.
|
|||
|
|
|
|||
|
|
--*/
|
|||
|
|
|
|||
|
|
VOID
|
|||
|
|
SetSidForOwner()
|
|||
|
|
{
|
|||
|
|
BYTE sidBuffer[50];
|
|||
|
|
PSID pSID = (PSID)&sidBuffer;
|
|||
|
|
SID_IDENTIFIER_AUTHORITY SIDAuth = SECURITY_NT_AUTHORITY;
|
|||
|
|
BOOL IsMember;
|
|||
|
|
HANDLE hToken;
|
|||
|
|
TOKEN_OWNER SIDforOwner;
|
|||
|
|
|
|||
|
|
// Open a handle to the access token for the calling process.
|
|||
|
|
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_DEFAULT, &hToken ))
|
|||
|
|
return; //if OpenProcessToken fails, do nothing
|
|||
|
|
|
|||
|
|
// Create a SID for the BUILTIN\Administrators group.
|
|||
|
|
if (!AllocateAndInitializeSid(&SIDAuth, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSID))
|
|||
|
|
return; //if AllocateAndInitializedSid fails, do nothing
|
|||
|
|
|
|||
|
|
// Check if the administrator group SID is enabled in current process token
|
|||
|
|
if (!CheckTokenMembership(NULL, pSID, &IsMember))
|
|||
|
|
return; //if CheckTokenMembership fails, do nothing
|
|||
|
|
|
|||
|
|
SIDforOwner.Owner = pSID;
|
|||
|
|
|
|||
|
|
// if the administrator group SID is enabled in current process token, call SetTokenInformation to set the SID for Owner.
|
|||
|
|
if (IsMember)
|
|||
|
|
SetTokenInformation(hToken, TokenOwner, &SIDforOwner, sizeof(SIDforOwner));
|
|||
|
|
|
|||
|
|
return;
|
|||
|
|
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
BOOL
|
|||
|
|
NOTIFY_FUNCTION(
|
|||
|
|
DWORD fdwReason
|
|||
|
|
)
|
|||
|
|
{
|
|||
|
|
if (fdwReason == SHIM_STATIC_DLLS_INITIALIZED) {
|
|||
|
|
SetSidForOwner();
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
return TRUE;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/*++
|
|||
|
|
|
|||
|
|
Register hooked functions
|
|||
|
|
|
|||
|
|
--*/
|
|||
|
|
|
|||
|
|
|
|||
|
|
HOOK_BEGIN
|
|||
|
|
|
|||
|
|
CALL_NOTIFY_FUNCTION
|
|||
|
|
|
|||
|
|
HOOK_END
|
|||
|
|
|
|||
|
|
|
|||
|
|
IMPLEMENT_SHIM_END
|
|||
|
|
|