Re: [win-pv-devel] [PATCH 2/4] Add option to elevate administrator users

[Paul Durrant <pdurrant@xxxxxxxxx>]

On Thu, 7 Nov 2019 at 15:53, Owen Smith <owen.smith@xxxxxxxxxx> wrote:
>
> If the user has Administrator access, add a prompt and ability to
> elevate the access to the Administrator privilege level instead of
> retaining the user privilege level.
>
> Signed-off-by: Owen Smith <owen.smith@xxxxxxxxxx>

Acked-by: Paul Durrant <paul@xxxxxxx>

> ---
>  src/tty/tty.c | 68 
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 68 insertions(+)
>
> diff --git a/src/tty/tty.c b/src/tty/tty.c
> index 035f18c..e295f06 100644
> --- a/src/tty/tty.c
> +++ b/src/tty/tty.c
> @@ -52,6 +52,7 @@ typedef struct _TTY_CONTEXT {
>      TTY_STREAM          Device;
>      TCHAR               UserName[MAXIMUM_BUFFER_SIZE];
>      HANDLE              Token;
> +    HANDLE              OriginalToken;
>      PROCESS_INFORMATION ProcessInfo;
>  } TTY_CONTEXT, *PTTY_CONTEXT;
>
> @@ -349,6 +350,69 @@ GetCredentials(
>      return TRUE;
>  }
>
> +static BOOL
> +RequestElevation(
> +    VOID
> +    )
> +{
> +    PTTY_CONTEXT            Context = &TtyContext;
> +    TOKEN_ELEVATION_TYPE    Elevation;
> +    DWORD                   Size;
> +    TCHAR                   Buffer[MAXIMUM_BUFFER_SIZE];
> +    PTCHAR                  End;
> +    TOKEN_LINKED_TOKEN      LinkedToken;
> +    BOOL                    Success;
> +
> +    Success = GetTokenInformation(Context->Token,
> +                                  TokenElevationType,
> +                                  &Elevation,
> +                                  sizeof(Elevation),
> +                                  &Size);
> +    if (!Success)
> +        return TRUE;
> +
> +    if (Elevation != TokenElevationTypeLimited)
> +        return TRUE;
> +
> +    ECHO(&Context->Device, "\r\n");
> +    ECHO(&Context->Device, " run as Administrator [yes|no]: ");
> +
> +    ZeroMemory(Buffer, sizeof (Buffer));
> +
> +    Success = GetLine(&Context->Device,
> +                      Buffer,
> +                      sizeof (Buffer),
> +                      &Size,
> +                      FALSE);
> +    if (!Success)
> +        return FALSE;
> +
> +    End = _tcschr(Buffer, TEXT('\r'));
> +    if (End == NULL)
> +        return FALSE;
> +
> +    *End = TEXT('\0');
> +
> +    if (_tcslen(Buffer) == 0)
> +        return FALSE;
> +
> +    if (_tcscmp(Buffer, TEXT("yes")) != 0)
> +        return TRUE;
> +
> +    Success = GetTokenInformation(Context->Token,
> +                                  TokenLinkedToken,
> +                                  &LinkedToken,
> +                                  sizeof(LinkedToken),
> +                                  &Size);
> +    if (!Success)
> +        return FALSE;
> +
> +    Context->OriginalToken = Context->Token;
> +    Context->Token = LinkedToken.LinkedToken;
> +
> +    return TRUE;
> +}
> +
>  static DWORD WINAPI
>  TtyIn(
>      IN  LPVOID      Argument
> @@ -498,6 +562,10 @@ _tmain(
>
>      ZeroMemory(Password, sizeof(Password));
>
> +    if (!Success)
> +        ExitProcess(1);
> +
> +    Success = RequestElevation();
>      if (!Success)
>          ExitProcess(1);
>
> --
> 2.16.2.windows.1
>
>
> _______________________________________________
> win-pv-devel mailing list
> win-pv-devel@xxxxxxxxxxxxxxxxxxxx
> https://lists.xenproject.org/mailman/listinfo/win-pv-devel

_______________________________________________
win-pv-devel mailing list
win-pv-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/win-pv-devel