diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-08-28 22:30:35 -0600 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-08-30 08:47:21 -0600 |
commit | 2bbd162221e56e0312593cb05956c100f253ff98 (patch) | |
tree | 2dab80c185282b6cb9270836cef88f852afe5a40 /elevate/membership.go | |
parent | elevate: use more strict check for admin group (diff) | |
download | wireguard-windows-2bbd162221e56e0312593cb05956c100f253ff98.tar.xz wireguard-windows-2bbd162221e56e0312593cb05956c100f253ff98.zip |
elevate: check for desktop admin ownership
Diffstat (limited to 'elevate/membership.go')
-rw-r--r-- | elevate/membership.go | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/elevate/membership.go b/elevate/membership.go index ccd0b60e..131c6d97 100644 --- a/elevate/membership.go +++ b/elevate/membership.go @@ -35,3 +35,27 @@ func TokenIsElevatedOrElevatable(token windows.Token) bool { defer linked.Close() return linked.IsElevated() && isAdmin(linked) } + +func IsAdminDesktop() (bool, error) { + hwnd := getShellWindow() + if hwnd == 0 { + return false, windows.ERROR_INVALID_WINDOW_HANDLE + } + var pid uint32 + _, err := getWindowThreadProcessId(hwnd, &pid) + if err != nil { + return false, err + } + process, err := windows.OpenProcess(windows.PROCESS_QUERY_INFORMATION, false, pid) + if err != nil { + return false, err + } + defer windows.CloseHandle(process) + var token windows.Token + err = windows.OpenProcessToken(process, windows.TOKEN_QUERY | windows.TOKEN_IMPERSONATE, &token) + if err != nil { + return false, err + } + defer token.Close() + return TokenIsElevatedOrElevatable(token), nil +}
\ No newline at end of file |