Peter Seaman said:
Yes of course. I did actually say ps.Privileges[0].Attributes = 0; but
mis-typed the code above.
PRIVILEGE_SET ps = new _PRIVILEGE_SET;
ps.Privileges[0].Attributes = 0;
Peter,
Not exactly sure what you want to use the Privileges for, but following is a
small sample that illustrates how you check security privileges using
embedded structs in C# (whithout using usafe code).
But again I would never use C# for this, this is realy the domain of the
Managed Extensions for C++ .
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
namespace Willys
{
[StructLayout(LayoutKind.Sequential)]
public struct _PRIVILEGE_SET
{
public uint PrivilegeCount;
public uint Control;
public LUID_AND_ATTRIBUTES Privilege_1; // Only one struct anyway, so no
array declaration
}
[StructLayout(LayoutKind.Sequential)]
public struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public uint Attributes;
}
[StructLayout(LayoutKind.Sequential)]
public struct LUID
{
public uint LowPart;
public uint HighPart;
}
public sealed class StructInspector
{
// dump serialized object or struct
public static void DisplayStruct(Object o)
{
const int bytesPerLinen = 16;
int totalBytes = Marshal.SizeOf(o);
Console.WriteLine("Size of object: " + totalBytes);
IntPtr ptr = IntPtr.Zero;
try
{
ptr = Marshal.AllocCoTaskMem(totalBytes);
Marshal.StructureToPtr(o, ptr, false);
byte[] bytes = new byte[bytesPerLinen];
for (int i = 0; i < totalBytes; i += bytesPerLinen )
{
for (int j = 0;j < bytesPerLinen ; j++)
{
if (i + j < totalBytes)
{
bytes[j] = Marshal.ReadByte(ptr, i+j);
Console.Write("{0:x2} ", bytes[j]);
} else
{
Console.Write(" ");
}
}
Console.Write(" ");
for (int j = 0;j < bytesPerLinen && i + j < totalBytes ; j++ )
{
if (bytes[j] < 32)
Console.Write(".");
else
Console.Write(Convert.ToChar(bytes[j]));
}
Console.WriteLine("");
}
}
finally
{
if (ptr != IntPtr.Zero)
{
Marshal.FreeCoTaskMem(ptr);
}
}
}
}
class Tester
{
[DllImport("advapi32.dll", EntryPoint="PrivilegeCheck", SetLastError=true)]
public static extern bool PrivilegeCheck( IntPtr ClientToken, ref
_PRIVILEGE_SET RequiredPrivileges, ref int pfResult);
[DllImport("advapi32.dll", SetLastError=true, CharSet=CharSet.Auto)]
public extern static bool LookupPrivilegeValue(string lpSystemName,
string lpName, ref LUID pLuid);
public const int PRIVILEGE_SET_ALL_NECESSARY = 1;
static void Main()
{
int result = 0;
IntPtr hToken;
// Setting up the PRIVILEGE_SET to contain "SeImpersonatePrivilege"
_PRIVILEGE_SET ps = new _PRIVILEGE_SET();
ps.PrivilegeCount = 1;
ps.Control = PRIVILEGE_SET_ALL_NECESSARY; // or 0 if any of
if (!LookupPrivilegeValue(null, "SeImpersonatePrivilege", ref
ps.Privilege_1.Luid))
{
Console.WriteLine("<LookupPrivilegeValue> Win32 Error {0}",
Marshal.GetLastWin32Error());
}
StructInspector.DisplayStruct(ps);
WindowsIdentity.Impersonate(WindowsIdentity.GetCurrent().Token);
hToken = WindowsIdentity.GetCurrent().Token;
Console.WriteLine("Token used: " + hToken);
if(!PrivilegeCheck(hToken, ref ps, ref result))
Console.WriteLine("<PrivilegeCheck> Win32 Error {0}",
Marshal.GetLastWin32Error());
Console.WriteLine("Privilege set '{0}'", Convert.ToBoolean(result));
StructInspector.DisplayStruct(ps);
}
}
}
Willy.