global: use SECURITY_DESCRIPTOR apis from x/sys/windows

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

2 files changed, 4 insertions, 7 deletions

diff --git a/elevate/privileges.go b/elevate/privileges.go
index a02d8a5d..eae0ac3e 100644
--- a/elevate/privileges.go
+++ b/elevate/privileges.go
@@ -14,19 +14,15 @@ import (
 )
 
 func DropAllPrivileges(retainDriverLoading bool) error {
-	processHandle, err := windows.GetCurrentProcess()
-	if err != nil {
-		return err
-	}
 	var luid windows.LUID
 	if retainDriverLoading {
-		err = windows.LookupPrivilegeValue(nil, windows.StringToUTF16Ptr("SeLoadDriverPrivilege"), &luid)
+		err := windows.LookupPrivilegeValue(nil, windows.StringToUTF16Ptr("SeLoadDriverPrivilege"), &luid)
 		if err != nil {
 			return err
 		}
 	}
 	var processToken windows.Token
-	err = windows.OpenProcessToken(processHandle, windows.TOKEN_READ|windows.TOKEN_WRITE, &processToken)
+	err := windows.OpenProcessToken(windows.GetCurrentProcess(), windows.TOKEN_READ|windows.TOKEN_WRITE, &processToken)
 	if err != nil {
 		return err
 	}
diff --git a/elevate/shellexecute.go b/elevate/shellexecute.go
index 2c4190e0..b1dcc155 100644
--- a/elevate/shellexecute.go
+++ b/elevate/shellexecute.go
@@ -45,7 +45,8 @@ func ShellExecute(program string, arguments string, directory string, show int32
 		}
 	}()
 
-	processToken, err := windows.OpenCurrentProcessToken()
+	var processToken windows.Token
+	err = windows.OpenProcessToken(windows.GetCurrentProcess(), windows.TOKEN_QUERY|windows.TOKEN_DUPLICATE, &processToken)
 	if err != nil {
 		return
 	}