[Win32utils-devel] User sid

Berger, Daniel Daniel.Berger at qwest.com
Fri Jun 27 10:04:49 EDT 2008


 

> -----Original Message-----
> From: win32utils-devel-bounces at rubyforge.org 
> [mailto:win32utils-devel-bounces at rubyforge.org] On Behalf Of 
> Park Heesob
> Sent: Friday, June 27, 2008 6:52 AM
> To: Development and ideas for win32utils projects
> Subject: Re: [Win32utils-devel] User sid
> 
> Hi,
> ----- Original Message -----
> From: "Daniel Berger" <djberg96 at gmail.com>
> To: "win32utils-devel" <win32utils-devel at rubyforge.org>
> Sent: Friday, June 27, 2008 8:18 PM
> Subject: [Win32utils-devel] User sid
> 
> 
> > Hi all,
> >
> > I was playing around with the idea of implementing Process.uid and 
> > Process.uid= for MS Windows. To that end I first wanted to 
> get the user 
> > associated with the current process. Then I wanted the 
> user's SID. I can't 
> > seem to get the stringified SID, though.
> >
> After modifying ConvertSidToStringSid like this:
>       API.new('ConvertSidToStringSid', 'LP', 'B', 'advapi32')
> 
> Here is a working code:
> 
> require 'windows/process'
> require 'windows/error'
> require 'windows/security'
> require 'windows/msvcrt/string'
> 
> include Windows::Process
> include Windows::Error
> include Windows::Security
> include Windows::Security
> include Windows::MSVCRT::String
> 
> handle = GetCurrentProcess()
> 
> token_handle = [0].pack('L')
> 
> unless OpenProcessToken(handle, TOKEN_QUERY, token_handle)
>     raise get_last_error
> end
> 
> token_handle  = token_handle.unpack('L')[0]
> return_length = [0].pack('L')
> 
> # First pass, get the buffer size needed
> GetTokenInformation(token_handle, TokenUser, 0, 0, return_length)
> 
> token_info = 0.chr * return_length.unpack('L')[0]
> 
> bool = GetTokenInformation(
>     token_handle,
>     TokenUser,
>     token_info,
>     token_info.size,
>     return_length
> )
> 
> unless bool
>     raise get_last_error
> end
> 
> sid_addr = token_info.unpack('L')[0]
> 
> name_buf = 0.chr * 80
> name_cch = [name_buf.size].pack('L')
> 
> domain_buf = 0.chr * 80
> domain_cch = [domain_buf.size].pack('L')
> 
> sid_name_use = 0.chr * 4
> 
> bool = LookupAccountSid(
>     nil,
>     sid_addr,
>     name_buf,
>     name_cch,
>     domain_buf,
>     domain_cch,
>     sid_name_use
> )
> 
> unless bool
>     raise get_last_error
> end
> p name_buf.strip   # "djberge"
> 
> sid_buf = 0.chr * 80
> sid_ptr = 0.chr * 4
> bool = ConvertSidToStringSid(
>     sid_addr,
>     sid_ptr
> )
> 
> unless bool
>     raise get_last_error
> end
> strcpy(sid_buf,sid_ptr.unpack('L').first)
> p sid_buf.strip

<snip>

That works, thanks.

What do you think about the idea of having Process.uid return a SID, and
a Process.uid= method that would take a SID? I think this is possible
with SetSecurityInfo, but I haven't tried yet.

Possible enhancement for win32-process 0.6.0?

Regards,

Dan


This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful.  If you have received this communication 
in error, please immediately notify the sender by reply e-mail and destroy 
all copies of the communication and any attachments.


More information about the win32utils-devel mailing list