Powershell-Modules
/
NTFSSecurity-Module
mirror of https://github.com/raandree/NTFSSecurity
1
0
Fork 0
Code Issues 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
98 Commits
3 Branches
7.1 MiB
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
NTFSSecurity-Module/ProcessPrivileges/ProcessExtensions.cs

423 lines
27 KiB
Raw Permalink Blame History 

  1. // <copyright file="ProcessExtensions.cs" company="Nick Lowe">

  2. // Copyright © Nick Lowe 2009

  3. // </copyright>

  4. // <author>Nick Lowe</author>

  5. // <email>nick@int-r.net</email>

  6. // <url>http://processprivileges.codeplex.com/</url>

  7. 

  8. namespace ProcessPrivileges

  9. {

  10.     using System.Diagnostics;

  11.     using System.Runtime.CompilerServices;

  12.     using System.Security.Permissions;

  13. 

  14.     /// <summary>Provides extension methods to the <see cref="Process" /> class, implementing the functionality necessary to query, enable, disable or remove privileges on a process.</summary>

  15.     /// <example>

  16.     ///     <code>

  17.     /// using System;

  18.     /// using System.Diagnostics;

  19.     /// using System.Linq;

  20.     /// using ProcessPrivileges;

  21.     /// 

  22.     /// internal static class ProcessPrivilegesExample

  23.     /// {

  24.     ///     public static void Main()

  25.     ///     {

  26.     ///         // Get the current process.

  27.     ///         Process process = Process.GetCurrentProcess();

  28.     /// 

  29.     ///         // Get the privileges and associated attributes.

  30.     ///         PrivilegeAndAttributesCollection privileges = process.GetPrivileges();

  31.     /// 

  32.     ///         int maxPrivilegeLength = privileges.Max(privilege =&gt; privilege.Privilege.ToString().Length);

  33.     /// 

  34.     ///         foreach (PrivilegeAndAttributes privilegeAndAttributes in privileges)

  35.     ///         {

  36.     ///             // The privilege.

  37.     ///             Privilege privilege = privilegeAndAttributes.Privilege;

  38.     /// 

  39.     ///             // The privilege state.

  40.     ///             PrivilegeState privilegeState = privilegeAndAttributes.PrivilegeState;

  41.     /// 

  42.     ///             // Write out the privilege and its state.

  43.     ///             Console.WriteLine(

  44.     ///                 "{0}{1} =&gt; {2}",

  45.     ///                 privilege,

  46.     ///                 GetPadding(privilege.ToString().Length, maxPrivilegeLength),

  47.     ///                 privilegeState);

  48.     ///         }

  49.     /// 

  50.     ///         Console.WriteLine();

  51.     /// 

  52.     ///         // Privileges can only be enabled on a process if they are disabled.

  53.     ///         if (process.GetPrivilegeState(Privilege.TakeOwnership) == PrivilegeState.Disabled)

  54.     ///         {

  55.     ///             // Enable the TakeOwnership privilege on it.

  56.     ///             AdjustPrivilegeResult result = process.EnablePrivilege(Privilege.TakeOwnership);

  57.     /// 

  58.     ///             // Get the state of the TakeOwnership privilege.

  59.     ///             PrivilegeState takeOwnershipState = process.GetPrivilegeState(Privilege.TakeOwnership);

  60.     /// 

  61.     ///             // Write out the TakeOwnership privilege, its state and the result.

  62.     ///             Console.WriteLine(

  63.     ///                 "{0}{1} =&gt; {2} ({3})",

  64.     ///                 Privilege.TakeOwnership,

  65.     ///                 GetPadding(Privilege.TakeOwnership.ToString().Length, maxPrivilegeLength),

  66.     ///                 takeOwnershipState,

  67.     ///                 result);

  68.     ///         }

  69.     ///     }

  70.     /// 

  71.     ///     private static string GetPadding(int length, int maxLength)

  72.     ///     {

  73.     ///         int paddingLength = maxLength - length;

  74.     ///         char[] padding = new char[paddingLength];

  75.     ///         for (int i = 0; i &lt; paddingLength; i++)

  76.     ///         {

  77.     ///             padding[i] = ' ';

  78.     ///         }

  79.     /// 

  80.     ///         return new string(padding);

  81.     ///     }

  82.     /// }

  83.     ///     </code>

  84.     ///     <code>

  85.     /// using System;

  86.     /// using System.Diagnostics;

  87.     /// using ProcessPrivileges;

  88.     /// 

  89.     /// internal static class ReusingAccessTokenHandleExample

  90.     /// {

  91.     ///     public static void Main()

  92.     ///     {

  93.     ///         // Access token handle reused within the using block.

  94.     ///         using (AccessTokenHandle accessTokenHandle =

  95.     ///             Process.GetCurrentProcess().GetAccessTokenHandle(

  96.     ///                 TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query))

  97.     ///         {

  98.     ///             // Enable privileges using the same access token handle.

  99.     ///             AdjustPrivilegeResult backupResult = accessTokenHandle.EnablePrivilege(Privilege.Backup);

  100.     ///             AdjustPrivilegeResult restoreResult = accessTokenHandle.EnablePrivilege(Privilege.Restore);

  101.     /// 

  102.     ///             Console.WriteLine(

  103.     ///                 "{0} => {1} ({2})",

  104.     ///                 Privilege.Backup,

  105.     ///                 accessTokenHandle.GetPrivilegeState(Privilege.Backup),

  106.     ///                 backupResult);

  107.     /// 

  108.     ///             Console.WriteLine(

  109.     ///                 "{0} => {1} ({2})",

  110.     ///                 Privilege.Restore,

  111.     ///                 accessTokenHandle.GetPrivilegeState(Privilege.Restore),

  112.     ///                 restoreResult);

  113.     ///         }

  114.     ///     }

  115.     /// }

  116.     ///     </code>

  117.     /// </example>

  118.     /// <remarks>

  119.     ///     <para>For more information on privileges, see:</para>

  120.     ///     <para><a href="http://msdn.microsoft.com/en-us/library/aa379306.aspx">Privileges</a></para>

  121.     ///     <para><a href="http://msdn.microsoft.com/en-us/library/bb530716.aspx">Privilege Constants</a></para>

  122.     /// </remarks>

  123.     public static class ProcessExtensions

  124.     {

  125.         /// <summary>Disables the specified <see cref="Privilege"/> on a <see cref="Process"/>.</summary>

  126.         /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which the operation should be performed.</param>

  127.         /// <param name="privilege">The <see cref="Privilege"/> to be disabled.</param>

  128.         /// <returns>

  129.         ///     <para>Result from the privilege adjustment.</para>

  130.         ///     <para>If the <see cref="Privilege"/> is already disabled, <see cref="AdjustPrivilegeResult.None"/> is returned.</para>

  131.         /// </returns>

  132.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  133.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  134.         /// <remarks>The caller must have permission to query and adjust token privileges on the target process.</remarks>

  135.         [MethodImpl(MethodImplOptions.Synchronized),

  136.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  137.         public static AdjustPrivilegeResult DisablePrivilege(this AccessTokenHandle accessTokenHandle, Privilege privilege)

  138.         {

  139.             return Privileges.DisablePrivilege(accessTokenHandle, privilege);

  140.         }

  141. 

  142.         /// <summary>Disables the specified <see cref="Privilege"/> on a <see cref="Process"/>.</summary>

  143.         /// <param name="process">The <see cref="Process"/> on which the operation should be performed.</param>

  144.         /// <param name="privilege">The <see cref="Privilege"/> to be disabled.</param>

  145.         /// <returns>

  146.         ///     <para>Result from the privilege adjustment.</para>

  147.         ///     <para>If the <see cref="Privilege"/> is already disabled, <see cref="AdjustPrivilegeResult.None"/> is returned.</para>

  148.         /// </returns>

  149.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  150.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  151.         /// <remarks>

  152.         ///     <para>If you are adjusting multiple privileges on a process, consider using <see cref="DisablePrivilege(AccessTokenHandle, Privilege)"/> with an access token handle for the process.</para>

  153.         ///     <para>The caller must have permission to query and adjust token privileges on the target process.</para>

  154.         /// </remarks>

  155.         [MethodImpl(MethodImplOptions.Synchronized),

  156.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  157.         public static AdjustPrivilegeResult DisablePrivilege(this Process process, Privilege privilege)

  158.         {

  159.             using (AccessTokenHandle accessTokenHandle = new AccessTokenHandle(

  160.                 new ProcessHandle(process.Handle, false),

  161.                 TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query))

  162.             {

  163.                 return DisablePrivilege(accessTokenHandle, privilege);

  164.             }

  165.         }

  166. 

  167.         /// <summary>Enables the specified <see cref="Privilege"/> on a <see cref="Process"/>.</summary>

  168.         /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which the operation should be performed.</param>

  169.         /// <param name="privilege">The <see cref="Privilege"/> to be enabled.</param>

  170.         /// <returns>

  171.         ///     <para>Result from the privilege adjustment.</para>

  172.         ///     <para>If the <see cref="Privilege"/> is already enabled, <see cref="AdjustPrivilegeResult.None"/> is returned.</para>

  173.         /// </returns>

  174.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  175.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  176.         /// <remarks>

  177.         ///     <para>Enabling a privilege allows a process to perform system-level actions that it could not previously.</para>

  178.         ///     <para>Before enabling a privilege, many potentially dangerous, thoroughly verify that functions or operations in your code actually require them.</para>

  179.         ///     <para>It is not normally appropriate to hold privileges for the lifetime of a process. Use sparingly; enable when needed, disable when not.</para>

  180.         ///     <para>Consider using <see cref="PrivilegeEnabler"/> that enables privileges on a process in a safe way, ensuring that they are returned to their original state when an operation that requires a privilege completes.</para>

  181.         ///     <para>The caller must have permission to query and adjust token privileges on the target process.</para>

  182.         /// </remarks>

  183.         [MethodImpl(MethodImplOptions.Synchronized),

  184.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  185.         public static AdjustPrivilegeResult EnablePrivilege(this AccessTokenHandle accessTokenHandle, Privilege privilege)

  186.         {

  187.             return Privileges.EnablePrivilege(accessTokenHandle, privilege);

  188.         }

  189. 

  190.         /// <summary>Enables the specified <see cref="Privilege"/> on a <see cref="Process"/>.</summary>

  191.         /// <param name="process">The <see cref="Process"/> on which the operation should be performed.</param>

  192.         /// <param name="privilege">The <see cref="Privilege"/> to be enabled.</param>

  193.         /// <returns>

  194.         ///     <para>Result from the privilege adjustment.</para>

  195.         ///     <para>If the <see cref="Privilege"/> is already enabled, <see cref="AdjustPrivilegeResult.None"/> is returned.</para>

  196.         ///     <para>If a <see cref="Privilege"/> is removed from a process, it cannot be enabled.</para>

  197.         /// </returns>

  198.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  199.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  200.         /// <remarks>

  201.         ///     <para>Enabling a privilege allows a process to perform system-level actions that it could not previously.</para>

  202.         ///     <para>Before enabling a privilege, many potentially dangerous, thoroughly verify that functions or operations in your code actually require them.</para>

  203.         ///     <para>It is not normally appropriate to hold privileges for the lifetime of a process. Use sparingly; enable when needed, disable when not.</para>

  204.         ///     <para>Consider using <see cref="PrivilegeEnabler"/> that enables privileges on a process in a safe way, ensuring that they are returned to their original state when an operation that requires a privilege completes.</para>

  205.         ///     <para>If you are adjusting multiple privileges on a process, consider using <see cref="EnablePrivilege(AccessTokenHandle, Privilege)"/> with an access token handle for the process.</para>

  206.         ///     <para>The caller must have permission to query and adjust token privileges on the target process.</para>

  207.         /// </remarks>

  208.         [MethodImpl(MethodImplOptions.Synchronized),

  209.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  210.         public static AdjustPrivilegeResult EnablePrivilege(this Process process, Privilege privilege)

  211.         {

  212.             using (AccessTokenHandle accessTokenHandle = new AccessTokenHandle(

  213.                 new ProcessHandle(process.Handle, false),

  214.                 TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query))

  215.             {

  216.                 return EnablePrivilege(accessTokenHandle, privilege);

  217.             }

  218.         }

  219. 

  220.         /// <summary>Gets an access token handle for a <see cref="Process"/>.</summary>

  221.         /// <param name="process">The <see cref="Process"/> on which an access token handle should be retrieved.</param>

  222.         /// <returns>An access token handle for a <see cref="Process"/> with <see cref="TokenAccessRights.AllAccess"/> access rights.</returns>

  223.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  224.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  225.         /// <remarks>

  226.         ///     <para>The caller must have permission to acquire an access token handle with all access rights.</para>

  227.         /// </remarks>

  228.         [MethodImpl(MethodImplOptions.Synchronized),

  229.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  230.         public static AccessTokenHandle GetAccessTokenHandle(this Process process)

  231.         {

  232.             return GetAccessTokenHandle(process, TokenAccessRights.AllAccess);

  233.         }

  234. 

  235.         /// <summary>Gets an access token handle for a <see cref="Process"/>.</summary>

  236.         /// <param name="process">The <see cref="Process"/> on which an access token handle should be retrieved.</param>

  237.         /// <param name="tokenAccessRights">The desired access rights for the access token handle.</param>

  238.         /// <returns>An access token handle for a <see cref="Process"/>.</returns>

  239.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  240.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  241.         /// <remarks>

  242.         ///     <para>The caller must have permission to acquire an access token handle with the desired access rights.</para>

  243.         ///     <para>To query permissions, the access token handle must have permission to query and adjust token privileges:</para>

  244.         ///     <c>TokenAccessRights.Query</c>

  245.         ///     <para>To enable, disable or remove a permission, the access token handle must have permission to query and adjust token privileges:</para>

  246.         ///     <c>TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query</c>

  247.         /// </remarks>

  248.         [MethodImpl(MethodImplOptions.Synchronized),

  249.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  250.         public static AccessTokenHandle GetAccessTokenHandle(this Process process, TokenAccessRights tokenAccessRights)

  251.         {

  252.             return new AccessTokenHandle(new ProcessHandle(process.Handle, false), tokenAccessRights);

  253.         }

  254. 

  255.         /// <summary>Gets the attributes for a <see cref="Privilege"/> on a <see cref="Process"/>.</summary>

  256.         /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which the operation should be performed.</param>

  257.         /// <param name="privilege">The <see cref="Privilege"/> on which the attributes should be retrieved.</param>

  258.         /// <returns>The <see cref="PrivilegeAttributes"/> for a <see cref="Privilege"/> on a <see cref="Process"/>.</returns>

  259.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  260.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  261.         /// <remarks>

  262.         ///     <para>Consider using <see cref="GetPrivilegeState(AccessTokenHandle, Privilege)"/> as it avoids the need to work with a flags based enumerated type.</para>

  263.         ///     <para>The caller must have permission to query token privileges on the target process.</para>

  264.         /// </remarks>

  265.         [MethodImpl(MethodImplOptions.Synchronized),

  266.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  267.         public static PrivilegeAttributes GetPrivilegeAttributes(this AccessTokenHandle accessTokenHandle, Privilege privilege)

  268.         {

  269.             return Privileges.GetPrivilegeAttributes(privilege, GetPrivileges(accessTokenHandle));

  270.         }

  271. 

  272.         /// <summary>Gets the attributes for a <see cref="Privilege"/> on a <see cref="Process"/>.</summary>

  273.         /// <param name="process">The <see cref="Process"/> on which the operation should be performed.</param>

  274.         /// <param name="privilege">The <see cref="Privilege"/> on which the attributes should be retrieved.</param>

  275.         /// <returns>The <see cref="PrivilegeAttributes"/> for a <see cref="Privilege"/> on a <see cref="Process"/>.</returns>

  276.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  277.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  278.         /// <remarks>

  279.         ///     <para>Consider using <see cref="GetPrivilegeState(Process, Privilege)"/> as it avoids the need to work with a flags based enumerated type.</para>

  280.         ///     <para>The caller must have permission to query token privileges on the target process.</para>

  281.         /// </remarks>

  282.         [MethodImpl(MethodImplOptions.Synchronized),

  283.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  284.         public static PrivilegeAttributes GetPrivilegeAttributes(this Process process, Privilege privilege)

  285.         {

  286.             return Privileges.GetPrivilegeAttributes(privilege, GetPrivileges(process));

  287.         }

  288. 

  289.         /// <summary>Gets the privileges and associated attributes from a <see cref="Process"/>.</summary>

  290.         /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which the operation should be performed.</param>

  291.         /// <returns>The privileges associated with a process.</returns>

  292.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  293.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  294.         /// <remarks>

  295.         ///     <para>Consider using <see cref="GetPrivilegeState(PrivilegeAttributes)"/> on attributes within the collection as it avoids the need to work with a flags based enumerated type.</para>

  296.         ///     <para>The caller must have permission to query token privileges on the target process.</para>

  297.         /// </remarks>

  298.         [MethodImpl(MethodImplOptions.Synchronized),

  299.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  300.         public static PrivilegeAndAttributesCollection GetPrivileges(this AccessTokenHandle accessTokenHandle)

  301.         {

  302.             return Privileges.GetPrivileges(accessTokenHandle);

  303.         }

  304. 

  305.         /// <summary>Gets the privileges and associated attributes from a <see cref="Process"/>.</summary>

  306.         /// <param name="process">The <see cref="Process"/> on which the operation should be performed.</param>

  307.         /// <returns>The privileges associated with a process.</returns>

  308.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  309.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  310.         /// <remarks>

  311.         ///     <para>Consider using <see cref="GetPrivilegeState(PrivilegeAttributes)"/> method on attributes within the collection as it avoids the need to work with a flags based enumerated type.</para>

  312.         ///     <para>The caller must have permission to query token privileges on the target process.</para>

  313.         /// </remarks>

  314.         [MethodImpl(MethodImplOptions.Synchronized),

  315.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  316.         public static PrivilegeAndAttributesCollection GetPrivileges(this Process process)

  317.         {

  318.             using (AccessTokenHandle accessTokenHandle = new AccessTokenHandle(

  319.                 new ProcessHandle(process.Handle, false),

  320.                 TokenAccessRights.Query))

  321.             {

  322.                 return Privileges.GetPrivileges(accessTokenHandle);

  323.             }

  324.         }

  325. 

  326.         /// <summary>Gets the state of a <see cref="Privilege"/>.</summary>

  327.         /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which the operation should be performed.</param>

  328.         /// <param name="privilege">The <see cref="Privilege"/> that should be checked.</param>

  329.         /// <returns>The <see cref="PrivilegeState"/> of the <see cref="Privilege"/>.</returns>

  330.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  331.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  332.         /// <remarks>

  333.         ///     <para>Derives <see cref="GetPrivilegeAttributes(AccessTokenHandle, Privilege)"/> to establish the <see cref="PrivilegeState"/> of a <see cref="Privilege"/>.</para>

  334.         ///     <para>The caller must have permission to query token privileges on the target process.</para>

  335.         /// </remarks>

  336.         [MethodImpl(MethodImplOptions.Synchronized),

  337.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  338.         public static PrivilegeState GetPrivilegeState(this AccessTokenHandle accessTokenHandle, Privilege privilege)

  339.         {

  340.             return GetPrivilegeState(GetPrivilegeAttributes(accessTokenHandle, privilege));

  341.         }

  342. 

  343.         /// <summary>Gets the state of a <see cref="Privilege"/>.</summary>

  344.         /// <param name="process">The <see cref="Process"/> on which the operation should be performed.</param>

  345.         /// <param name="privilege">The <see cref="Privilege"/> that should be checked.</param>

  346.         /// <returns>The <see cref="PrivilegeState"/> of the <see cref="Privilege"/>.</returns>

  347.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  348.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  349.         /// <remarks>

  350.         ///     <para>Derives <see cref="GetPrivilegeAttributes(AccessTokenHandle, Privilege)"/> to establish the <see cref="PrivilegeState"/> of a <see cref="Privilege"/>.</para>

  351.         ///     <para>The caller must have permission to query token privileges on the target process.</para>

  352.         /// </remarks>

  353.         [MethodImpl(MethodImplOptions.Synchronized),

  354.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  355.         public static PrivilegeState GetPrivilegeState(this Process process, Privilege privilege)

  356.         {

  357.             return GetPrivilegeState(GetPrivilegeAttributes(process, privilege));

  358.         }

  359. 

  360.         /// <summary>Gets the state of a <see cref="Privilege"/>.</summary>

  361.         /// <param name="privilegeAttributes">The privilege attributes.</param>

  362.         /// <returns>The <see cref="PrivilegeState"/> of the <see cref="Privilege"/>.</returns>

  363.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  364.         /// <remarks>Derives <see cref="PrivilegeAttributes"/> to establish the <see cref="PrivilegeState"/> of a <see cref="Privilege"/>.</remarks>

  365.         [MethodImpl(MethodImplOptions.Synchronized)]

  366.         public static PrivilegeState GetPrivilegeState(PrivilegeAttributes privilegeAttributes)

  367.         {

  368.             if ((privilegeAttributes & PrivilegeAttributes.Enabled) == PrivilegeAttributes.Enabled)

  369.             {

  370.                 return PrivilegeState.Enabled;

  371.             }

  372. 

  373.             if ((privilegeAttributes & PrivilegeAttributes.Removed) == PrivilegeAttributes.Removed)

  374.             {

  375.                 return PrivilegeState.Removed;

  376.             }

  377. 

  378.             return PrivilegeState.Disabled;

  379.         }

  380. 

  381.         /// <summary>Removes the specified <see cref="Privilege"/> from a <see cref="Process"/>.</summary>

  382.         /// <param name="accessTokenHandle">The <see cref="AccessTokenHandle"/> for a <see cref="Process"/> on which the operation should be performed.</param>

  383.         /// <param name="privilege">The <see cref="Privilege"/> to be removed.</param>

  384.         /// <returns>

  385.         ///     <para>Result from the privilege adjustment.</para>

  386.         ///     <para>Once a privilege has been removed from a process, it cannot be restored afterwards.</para>

  387.         /// </returns>

  388.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  389.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  390.         /// <remarks>The caller must have permission to query and adjust token privileges on the target process.</remarks>

  391.         [MethodImpl(MethodImplOptions.Synchronized),

  392.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  393.         public static AdjustPrivilegeResult RemovePrivilege(this AccessTokenHandle accessTokenHandle, Privilege privilege)

  394.         {

  395.             return Privileges.RemovePrivilege(accessTokenHandle, privilege);

  396.         }

  397. 

  398.         /// <summary>Removes the specified <see cref="Privilege"/> from a <see cref="Process"/>.</summary>

  399.         /// <param name="process">The <see cref="Process"/> on which the operation should be performed.</param>

  400.         /// <param name="privilege">The <see cref="Privilege"/> to be removed.</param>

  401.         /// <returns>

  402.         ///     <para>Result from the privilege adjustment.</para>

  403.         ///     <para>Once a privilege has been removed from a process, it cannot be restored afterwards.</para>

  404.         /// </returns>

  405.         /// <exception cref="Win32Exception">Thrown when an underlying Win32 function call does not succeed.</exception>

  406.         /// <permission cref="SecurityAction.LinkDemand">Requires the immediate caller to have FullTrust.</permission>

  407.         /// <remarks>

  408.         ///     <para>If you are adjusting multiple privileges on a process, consider using <see cref="RemovePrivilege(AccessTokenHandle, Privilege)"/> with an access token handle for the process.</para>

  409.         ///     <para>The caller must have permission to query and adjust token privileges on the target process.</para>

  410.         /// </remarks>

  411.         [MethodImpl(MethodImplOptions.Synchronized),

  412.         PermissionSetAttribute(SecurityAction.LinkDemand, Name = "FullTrust")]

  413.         public static AdjustPrivilegeResult RemovePrivilege(this Process process, Privilege privilege)

  414.         {

  415.             using (AccessTokenHandle accessTokenHandle = new AccessTokenHandle(

  416.                 new ProcessHandle(process.Handle, false),

  417.                 TokenAccessRights.AdjustPrivileges | TokenAccessRights.Query))

  418.             {

  419.                 return RemovePrivilege(accessTokenHandle, privilege);

  420.             }

  421.         }

  422.     }

  423. }