diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-07 20:47:56 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-08 08:31:00 +0200 |
commit | 6e667722e9d24bec9056838a8aec857c690e845c (patch) | |
tree | 679994c0ea07db140c6db8295317fa7968a02044 /service/service_manager.go | |
parent | service: give process elevated security attributes plus logon session ID with minimal permissions (diff) | |
download | wireguard-windows-6e667722e9d24bec9056838a8aec857c690e845c.tar.xz wireguard-windows-6e667722e9d24bec9056838a8aec857c690e845c.zip |
service: local system's token is a bit more locked down than elevated
Diffstat (limited to 'service/service_manager.go')
-rw-r--r-- | service/service_manager.go | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/service/service_manager.go b/service/service_manager.go index 2862c729..722f954d 100644 --- a/service/service_manager.go +++ b/service/service_manager.go @@ -118,9 +118,10 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest log.Printf("Unable to determine elevated environment: %v", err) return } - securityAttributes, err := getSecurityAttributes(userTokenInfo.elevatedToken, userToken) + currentProcess, _ := windows.GetCurrentProcess() + securityAttributes, err := getSecurityAttributes(windows.Token(currentProcess), userToken) if err != nil { - log.Printf("Unable to extract security attributes from elevated token and combine them with SID from user token: %v", err) + log.Printf("Unable to extract security attributes from manager token and combine them with SID from user token: %v", err) return } for { |