Skip to content

Commit

Permalink
Add DisableProcessPrivileges
Browse files Browse the repository at this point in the history
Signed-off-by: John Howard <jhoward@microsoft.com>
  • Loading branch information
John Howard committed Nov 2, 2016
1 parent ce2922f commit e43ad79
Showing 1 changed file with 13 additions and 4 deletions.
17 changes: 13 additions & 4 deletions privilege.go
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ func RunWithPrivileges(names []string, fn func() error) error {
return err
}
defer releaseThreadToken(token)
err = adjustPrivileges(token, privileges)
err = adjustPrivileges(token, privileges, SE_PRIVILEGE_ENABLED)
if err != nil {
return err
}
Expand All @@ -110,6 +110,15 @@ func mapPrivileges(names []string) ([]uint64, error) {

// EnableProcessPrivileges enables privileges globally for the process.
func EnableProcessPrivileges(names []string) error {
return enableDisableProcessPrivilege(names, SE_PRIVILEGE_ENABLED)
}

// DisableProcessPrivileges disables privileges globally for the process.
func DisableProcessPrivileges(names []string) error {
return enableDisableProcessPrivilege(names, 0)
}

func enableDisableProcessPrivilege(names []string, action uint32) error {
privileges, err := mapPrivileges(names)
if err != nil {
return err
Expand All @@ -123,15 +132,15 @@ func EnableProcessPrivileges(names []string) error {
}

defer token.Close()
return adjustPrivileges(token, privileges)
return adjustPrivileges(token, privileges, action)
}

func adjustPrivileges(token windows.Token, privileges []uint64) error {
func adjustPrivileges(token windows.Token, privileges []uint64, action uint32) error {
var b bytes.Buffer
binary.Write(&b, binary.LittleEndian, uint32(len(privileges)))
for _, p := range privileges {
binary.Write(&b, binary.LittleEndian, p)
binary.Write(&b, binary.LittleEndian, uint32(SE_PRIVILEGE_ENABLED))
binary.Write(&b, binary.LittleEndian, action)
}
prevState := make([]byte, b.Len())
reqSize := uint32(0)
Expand Down

0 comments on commit e43ad79

Please sign in to comment.