I'm trying to see if the user has the SeLoadDriver privilege. I've got the PLUID:
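LUID luid;
PLUID pld = &luid; // LookupPrivilegeValue writes the LUID through this pointer, so it must point at real storage
LookupPrivilegeValue(NULL, SE_LOAD_DRIVER_NAME, pld);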
But now I'm not sure how to get a bool from the PLUID stating that the user has, or not, the privilege. I've read the related methods but I think that there might be an easy way of getting this directly from the PLUID value.
Thanks
It's a little more involved than that.
First you need to obtain the process token's privilege set (by calling GetTokenInformation()) then you scan the buffer that you've got from that (which is an array of LUID_AND_ATTRIBUTES structures) for the LUID that you get from LookupPrivilegeValue(). You can then use the LUID_AND_ATTRIBUTES that you've located and check to see if the Attributes contain the required flag (SE_PRIVILEGE_ENABLED in your case).
Be aware that when you are checking for an enabled privilege you should also check that SE_PRIVILEGE_REMOVED is NOT set in the Attributes that you are checking; a privilege that has both SE_PRIVILEGE_REMOVED and SE_PRIVILEGE_ENABLED has been removed and is NOT enabled...
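The check described in the answer above, as an added example that is not part of the original post: it scans the LUID_AND_ATTRIBUTES array and separates "enabled" from "disabled or removed" and from "not in the token at all". The function names, the return codes and the constructed sample LUIDs (19 and 10) are assumptions; the stand-in types are only used when the file is not built on Windows.

```c
#include <stdlib.h>
#ifdef _WIN32
#include <windows.h>
#else  /* stand-ins mirroring winnt.h so the scan logic also builds off Windows */
typedef unsigned int DWORD;
typedef struct { DWORD LowPart; int HighPart; } LUID;
typedef struct { LUID Luid; DWORD Attributes; } LUID_AND_ATTRIBUTES;
#define SE_PRIVILEGE_ENABLED 0x00000002u
#define SE_PRIVILEGE_REMOVED 0x00000004u
#endif

/* 1: held and enabled; 0: held but disabled or removed; -1: not in the token. */
int privilege_state(const LUID_AND_ATTRIBUTES *privs, DWORD count, LUID want)
{
    for (DWORD i = 0; i < count; i++) {
        if (privs[i].Luid.LowPart != want.LowPart || privs[i].Luid.HighPart != want.HighPart)
            continue;
        if (privs[i].Attributes & SE_PRIVILEGE_REMOVED)
            return 0;   /* REMOVED wins even when ENABLED is also set */
        return (privs[i].Attributes & SE_PRIVILEGE_ENABLED) ? 1 : 0;
    }
    return -1;
}

#ifdef _WIN32
/* The same check on the current process token; -2 means an API call failed. */
int current_process_privilege_state(const char *name)
{
    HANDLE tok; LUID luid; DWORD len = 0; int r = -2;
    if (!LookupPrivilegeValueA(NULL, name, &luid)) return -2;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tok)) return -2;
    GetTokenInformation(tok, TokenPrivileges, NULL, 0, &len);  /* ask for the size */
    TOKEN_PRIVILEGES *tp = malloc(len);
    if (tp && GetTokenInformation(tok, TokenPrivileges, tp, len, &len))
        r = privilege_state(tp->Privileges, tp->PrivilegeCount, luid);
    free(tp);
    CloseHandle(tok);
    return r;
}
#endif

/* Constructed two-entry privilege array: LUID 19 enabled, LUID 10 carrying `attrs`. */
int sample_state(DWORD attrs, DWORD want_low)
{
    LUID_AND_ATTRIBUTES privs[2] = { { {19, 0}, SE_PRIVILEGE_ENABLED }, { {10, 0}, attrs } };
    LUID want = { want_low, 0 };
    return privilege_state(privs, 2, want);
}
```

On Windows, current_process_privilege_state("SeLoadDriverPrivilege") runs the same scan against the real token; a result of 0 there means the privilege is present in the token but not currently usable.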