How can my process best tell if it is running elevated?

Hi all, I asked this in another forum also but thought I'd give it a shot here.

I'd like to programmatically determine whether the process my dll is running in has had its authority elevated. I think I remember having read about an API call that would tell me this, but I can't find that doc anymore. This info will help me do the right/safe thing in an app that MS would say should be split into two parts: non-admin and admin -- but that I do not have time to split. I see there is an entry point exported from kernel32.dll called "CheckElevation", but I see no doc on this anywhere. Thanks!


  • BJohansson

    I am not sure if this is the best or the "right" way, but it is a way.

    Start off with getting your process's token:

    HANDLE hToken;
    OpenProcessToken(GetCurrentProcess(), TOKEN_READ, &hToken);

    You can then look at either or both the TokenElevationType or TokenElevation token property:

    DWORD infoLen;
    TOKEN_ELEVATION_TYPE elevationType;
    GetTokenInformation(
        hToken, TokenElevationType,
        &elevationType, sizeof(elevationType), &infoLen);

    TOKEN_ELEVATION elevation;
    GetTokenInformation(
        hToken, TokenElevation,
        &elevation, sizeof(elevation), &infoLen);

    I am not sure why Microsoft has both of these in the token, or which one is better to use.


  • ferrethouse

    Hi, and thanks for the reply. Unfortunately, I cannot locate definitions or documentation for the TOKEN_ELEVATION_TYPE or TOKEN_ELEVATION typedefs, nor for the TokenElevationType or TokenElevation values of the TOKEN_INFORMATION_CLASS enumeration. Are these by any chance in the "Windows Vista July 2006 CTP SDK"? That is the only SDK I have seen referenced since the Windows Server 2003 R2 (March, 2006) SDK, which does not have these definitions. Thanks in advance!

  • Derek Ju

    Yes, this stuff is defined in the Vista version(s) of the SDK - and the latest is the one that came with Vista RC1. For your convenience, here are the relevant sections:

    typedef enum _TOKEN_INFORMATION_CLASS {
        TokenUser = 1,
        TokenGroups,
        TokenPrivileges,
        TokenOwner,
        TokenPrimaryGroup,
        TokenDefaultDacl,
        TokenSource,
        TokenType,
        TokenImpersonationLevel,
        TokenStatistics,
        TokenRestrictedSids,
        TokenSessionId,
        TokenGroupsAndPrivileges,
        TokenSessionReference,
        TokenSandBoxInert,
        TokenAuditPolicy,
        TokenOrigin,
        TokenElevationType,
        TokenLinkedToken,
        TokenElevation,
        TokenHasRestrictions,
        TokenAccessInformation,
        TokenVirtualizationAllowed,
        TokenVirtualizationEnabled,
        TokenIntegrityLevel,
        TokenUIAccess,
        TokenMandatoryPolicy,
        TokenLogonSid,
        MaxTokenInfoClass // MaxTokenInfoClass should always be the last enum
    } TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;

    typedef enum _TOKEN_ELEVATION_TYPE {
        TokenElevationTypeDefault = 1,
        TokenElevationTypeFull,
        TokenElevationTypeLimited,
    } TOKEN_ELEVATION_TYPE, *PTOKEN_ELEVATION_TYPE;

    typedef struct _TOKEN_ELEVATION {
        DWORD TokenIsElevated;
    } TOKEN_ELEVATION, *PTOKEN_ELEVATION;
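
The calls from the first answer combined with the SDK definitions quoted above, as an added example that is not code from any poster in this thread: it checks every return value, closes the handle, and reads the two properties together instead of picking one. The names `classify_elevation`, `query_current_process` and `ELEV_*` are hypothetical, treating a mismatched pair as "unexpected" is a defensive assumption, and off Windows `main` classifies a constructed sample.

```c
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif
/* Numeric values of TOKEN_ELEVATION_TYPE, as in the SDK excerpt above. */
enum { ELEV_DEFAULT = 1, ELEV_FULL = 2, ELEV_LIMITED = 3 };

/* Hypothetical helper: 1 = elevated, 0 = not elevated, -1 = unexpected. */
int classify_elevation(int type, unsigned long is_elevated)
{
    switch (type) {
    case ELEV_FULL:     /* elevated half of a split (linked) token */
        return is_elevated ? 1 : -1;
    case ELEV_LIMITED:  /* filtered half of a split token */
        return is_elevated ? -1 : 0;
    case ELEV_DEFAULT:  /* no linked token: TokenIsElevated decides alone */
        return is_elevated ? 1 : 0;
    }
    return -1;          /* value not in the enum */
}

#ifdef _WIN32
/* Read both properties from the current process token; -1 on API failure. */
int query_current_process(void)
{
    HANDLE hToken = NULL;
    TOKEN_ELEVATION_TYPE type;
    TOKEN_ELEVATION elev;
    DWORD len = 0;
    int verdict = -1;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
        return -1;
    if (GetTokenInformation(hToken, TokenElevationType, &type, sizeof(type), &len) &&
        GetTokenInformation(hToken, TokenElevation, &elev, sizeof(elev), &len))
        verdict = classify_elevation((int)type, elev.TokenIsElevated);
    CloseHandle(hToken);
    return verdict;
}
#endif

int main(void)
{
#ifdef _WIN32
    int v = query_current_process();
#else
    int v = classify_elevation(ELEV_LIMITED, 0); /* constructed sample */
#endif
    printf("elevated: %d\n", v);
    return v < 0;
}
```

A caller that gates privileged work on this result should treat -1 the same as "not elevated" and refuse the operation.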

