From 6f66c7697d3bb6a259bf8d0261490cdee0ef8986 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Mon, 16 Sep 2019 23:36:49 -0600
Subject: global: use SECURITY_DESCRIPTOR apis from x/sys/windows

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 elevate/privileges.go   | 8 ++------
 elevate/shellexecute.go | 3 ++-
 2 files changed, 4 insertions(+), 7 deletions(-)

(limited to 'elevate')

diff --git a/elevate/privileges.go b/elevate/privileges.go
index a02d8a5d..eae0ac3e 100644
--- a/elevate/privileges.go
+++ b/elevate/privileges.go
@@ -14,19 +14,15 @@ import (
 )
 
 func DropAllPrivileges(retainDriverLoading bool) error {
-	processHandle, err := windows.GetCurrentProcess()
-	if err != nil {
-		return err
-	}
 	var luid windows.LUID
 	if retainDriverLoading {
-		err = windows.LookupPrivilegeValue(nil, windows.StringToUTF16Ptr("SeLoadDriverPrivilege"), &luid)
+		err := windows.LookupPrivilegeValue(nil, windows.StringToUTF16Ptr("SeLoadDriverPrivilege"), &luid)
 		if err != nil {
 			return err
 		}
 	}
 	var processToken windows.Token
-	err = windows.OpenProcessToken(processHandle, windows.TOKEN_READ|windows.TOKEN_WRITE, &processToken)
+	err := windows.OpenProcessToken(windows.GetCurrentProcess(), windows.TOKEN_READ|windows.TOKEN_WRITE, &processToken)
 	if err != nil {
 		return err
 	}
diff --git a/elevate/shellexecute.go b/elevate/shellexecute.go
index 2c4190e0..b1dcc155 100644
--- a/elevate/shellexecute.go
+++ b/elevate/shellexecute.go
@@ -45,7 +45,8 @@ func ShellExecute(program string, arguments string, directory string, show int32
 		}
 	}()
 
-	processToken, err := windows.OpenCurrentProcessToken()
+	var processToken windows.Token
+	err = windows.OpenProcessToken(windows.GetCurrentProcess(), windows.TOKEN_QUERY|windows.TOKEN_DUPLICATE, &processToken)
 	if err != nil {
 		return
 	}
-- 
cgit v1.2.3-59-g8ed1b