[Win32utils-devel] Get current process owner (sid)
Daniel Berger
djberg96 at gmail.com
Wed Dec 3 20:56:24 EST 2008
Hi,
I'm close, but what I've got doesn't quite match what Win32::Security::SID.new
returns:
require 'windows/file'
require 'windows/handle'
require 'windows/error'
require 'windows/security'
require 'windows/process'
include Windows::File
include Windows::Handle
include Windows::Error
include Windows::Security
include Windows::Process
token = 0.chr * 4
unless OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, token)
raise error, get_last_error
end
token = token.unpack('V')[0]
rlength = 0.chr * 4
tu = 0.chr * 512 # TokenUser
bool = GetTokenInformation(
token,
TokenUser,
tu,
tu.size,
rlength
)
unless bool
raise get_last_error
end
p tu.strip
Looks like the first 8 bytes are unwanted. Are these the attributes? If so, why
are they the first 8 bytes instead of the last 8? I guess I'm confused about how
to properly unroll a SID_AND_ATTRIBUTES struct.
Regards,
Dan
More information about the win32utils-devel
mailing list