blob: ccd0b60ea490da96ab0bead4fa3207ecec78da68 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
/* SPDX-License-Identifier: MIT
*
* Copyright (C) 2019 WireGuard LLC. All Rights Reserved.
*/
package elevate
import (
"golang.org/x/sys/windows"
)
func isAdmin(token windows.Token) bool {
builtinAdminsGroup, err := windows.CreateWellKnownSid(windows.WinBuiltinAdministratorsSid)
if err != nil {
return false
}
var checkableToken windows.Token
err = windows.DuplicateTokenEx(token, windows.TOKEN_QUERY | windows.TOKEN_IMPERSONATE, nil, windows.SecurityIdentification, windows.TokenImpersonation, &checkableToken)
if err != nil {
return false
}
defer checkableToken.Close()
isAdmin, err := checkableToken.IsMember(builtinAdminsGroup)
return isAdmin && err == nil
}
func TokenIsElevatedOrElevatable(token windows.Token) bool {
if token.IsElevated() && isAdmin(token) {
return true
}
linked, err := token.GetLinkedToken()
if err != nil {
return false
}
defer linked.Close()
return linked.IsElevated() && isAdmin(linked)
}
|