Search
Module:
Directory
Constants
Delegates
Enums
Interfaces
Structures

   Desktop Functions:
advapi32
avifil32
cards
cfgmgr32
comctl32
comdlg32
credui
crypt32
dbghelp
dbghlp
dbghlp32
dhcpsapi
difxapi
dmcl40
dnsapi
dtl
dwmapi
faultrep
fbwflib
fltlib
fwpuclnt
gdi32
gdiplus
getuname
glu32
glut32
gsapi
hhctrl
hid
hlink
httpapi
icmp
imm32
iphlpapi
iprop
irprops
kernel32
mapi32
MinCore
mpr
mqrt
mscorsn
msdelta
msdrm
msi
msports
msvcrt
ncrypt
netapi32
ntdll
ntdsapi
odbc32
odbccp32
ole32
oleacc
oleaut32
opengl32
pdh
powrprof
printui
propsys
psapi
pstorec
query
quickusb
rasapi32
rpcrt4
scarddlg
secur32
setupapi
shell32
shlwapi
twain_32
unicows
urlmon
user32
userenv
uxtheme
version
wer
wevtapi
winfax
winhttp
wininet
winmm
winscard
winspool
wintrust
winusb
wlanapi
ws2_32
wtsapi32
xolehlp
xpsprint

   Smart Device Functions:
aygshell
coredll
ipaqutil
rapi


Show Recent Changes
Subscribe (RSS)
Misc. Pages
Comments
FAQ
Helpful Tools
Playground
Suggested Reading
Website TODO List
Download Visual Studio Add-In
SECURITY_MANDATORY (Constants)
 
.
Summary
SECURITY MANDATORY constants to identify Integrity Level

C# Constants:

    const int SECURITY_MANDATORY_UNTRUSTED_RID = (0x00000000);
    const int SECURITY_MANDATORY_LOW_RID = (0x00001000);
    const int SECURITY_MANDATORY_MEDIUM_RID = (0x00002000);
    const int SECURITY_MANDATORY_HIGH_RID = (0x00003000);
    const int SECURITY_MANDATORY_SYSTEM_RID = (0x00004000);
    const int SECURITY_MANDATORY_PROTECTED_PROCESS_RID = (0x00005000);

VB Constants:

TODO

Sample Code (C#):

How to use:

try {
  UtIL.IntegrityLevel level = UtIL.GetIntegrityLevel();
}
catch (NotSupportedException) { // 2003 svr, XP, 2000, etc
  ...
}

Integrity Level is:

public enum IntegrityLevel {
  Low, Medium, High, System, None,
}

Code:

using System;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.ComponentModel;

namespace ConsoleApplication1 {
    public class UtIL {
        [DllImport("advapi32.dll", SetLastError = true)]
        static extern IntPtr GetSidSubAuthority(IntPtr sid, UInt32 subAuthorityIndex);

        [DllImport("advapi32.dll", SetLastError = true)]
        static extern IntPtr GetSidSubAuthorityCount(IntPtr sid);

        // winnt.h, Windows SDK v6.1
        const int SECURITY_MANDATORY_UNTRUSTED_RID = (0x00000000);
        const int SECURITY_MANDATORY_LOW_RID = (0x00001000);
        const int SECURITY_MANDATORY_MEDIUM_RID = (0x00002000);
        const int SECURITY_MANDATORY_HIGH_RID = (0x00003000);
        const int SECURITY_MANDATORY_SYSTEM_RID = (0x00004000);
        const int SECURITY_MANDATORY_PROTECTED_PROCESS_RID = (0x00005000);

        [DllImport("advapi32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        static extern bool OpenProcessToken(
            IntPtr ProcessHandle,
            UInt32 DesiredAccess,
            out IntPtr TokenHandle
            );

        const UInt32 TOKEN_QUERY = 0x0008;

        [DllImport("advapi32.dll", SetLastError = true)]
        static extern bool GetTokenInformation(
            IntPtr TokenHandle,
            TOKEN_INFORMATION_CLASS TokenInformationClass,
            IntPtr TokenInformation,
            uint TokenInformationLength,
            out uint ReturnLength
            );

        enum TOKEN_INFORMATION_CLASS {
            TokenUser = 1, TokenGroups, TokenPrivileges, TokenOwner, TokenPrimaryGroup, TokenDefaultDacl, TokenSource, TokenType, TokenImpersonationLevel, TokenStatistics, TokenRestrictedSids, TokenSessionId, TokenGroupsAndPrivileges, TokenSessionReference, TokenSandBoxInert, TokenAuditPolicy, TokenOrigin, TokenElevationType, TokenLinkedToken, TokenElevation, TokenHasRestrictions, TokenAccessInformation, TokenVirtualizationAllowed, TokenVirtualizationEnabled,

            /// <summary>
            /// The buffer receives a TOKEN_MANDATORY_LABEL structure that specifies the token's integrity level.
            /// </summary>
            TokenIntegrityLevel,

            TokenUIAccess, TokenMandatoryPolicy, TokenLogonSid, MaxTokenInfoClass
        }

        // http://d.hatena.ne.jp/espresso3389/20100413/1271152244
        // http://msdn.microsoft.com/en-us/library/bb625966.aspx

        const int ERROR_INVALID_PARAMETER = 87;

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern bool CloseHandle(IntPtr hHandle);

        public enum IntegrityLevel {
            Low, Medium, High, System, None,
        }

        public static IntegrityLevel GetIntegrityLevel() {
            IntPtr pId = (Process.GetCurrentProcess().Handle);

            IntPtr hToken = IntPtr.Zero;
            if (OpenProcessToken(pId, TOKEN_QUERY, out hToken)) {
                try {
                    IntPtr pb = Marshal.AllocCoTaskMem(1000);
                    try {
                        uint cb = 1000;
                        if (GetTokenInformation(hToken, TOKEN_INFORMATION_CLASS.TokenIntegrityLevel, pb, cb, out cb)) {
                            IntPtr pSid = Marshal.ReadIntPtr(pb);

                            int dwIntegrityLevel = Marshal.ReadInt32(GetSidSubAuthority(pSid, (Marshal.ReadByte(GetSidSubAuthorityCount(pSid)) - 1U)));

                            if (dwIntegrityLevel == SECURITY_MANDATORY_LOW_RID) {
                                return IntegrityLevel.Low;
                            }
                            else if (dwIntegrityLevel >= SECURITY_MANDATORY_MEDIUM_RID && dwIntegrityLevel < SECURITY_MANDATORY_HIGH_RID) {
                                // Medium Integrity
                                return IntegrityLevel.Medium;
                            }
                            else if (dwIntegrityLevel >= SECURITY_MANDATORY_HIGH_RID) {
                                // High Integrity
                                return IntegrityLevel.High;
                            }
                            else if (dwIntegrityLevel >= SECURITY_MANDATORY_SYSTEM_RID) {
                                // System Integrity
                                return IntegrityLevel.System;
                            }
                            return IntegrityLevel.None;
                        }
                        else {
                            int errno = Marshal.GetLastWin32Error();
                            if (errno == ERROR_INVALID_PARAMETER) {
                                throw new NotSupportedException();
                            }
                            throw new Win32Exception(errno);
                        }
                    }
                    finally {
                        Marshal.FreeCoTaskMem(pb);
                    }
                }
                finally {
                    CloseHandle(hToken);
                }
            }
            {
                int errno = Marshal.GetLastWin32Error();
                throw new Win32Exception(errno);
            }
        }

        static void Main(string[] args) {
            try {
                // Output candidates:

                // Not supported!
                // Medium
                // High

                Console.WriteLine(UtIL.GetIntegrityLevel());
            }
            catch (Exception) {
                Console.WriteLine("Not supported!");
            }
        }
    }
}

Notes:

It is useful to implement ShowProcessIntegrityLevel method coded in following page.

Appendix D: Getting the Integrity Level for an Access Token

http://msdn.microsoft.com/en-us/library/bb625966.aspx

 

Please edit this page!

Do you have...

  • helpful tips?
  • corrections to the existing content?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it!

 
Access PInvoke.net directly from VS:
Terms of Use
Edit This Page
Find References
Show Printable Version
Revisions