// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "remoting/host/win/acl_util.h"
#include <windows.h>
#include "base/logging.h"
#include "base/win/security_descriptor.h"
namespace remoting {
bool AddProcessAccessRightForWellKnownSid(
base::win::WellKnownSid well_known_sid,
DWORD new_right) {
auto sd = base::win::SecurityDescriptor::FromHandle(
GetCurrentProcess(), base::win::SecurityObjectType::kKernel,
DACL_SECURITY_INFORMATION);
if (!sd) {
PLOG(ERROR) << "Failed to read security descriptor of current process";
return false;
}
if (!sd->SetDaclEntry(well_known_sid, base::win::SecurityAccessMode::kGrant,
new_right,
/* inheritance= */ 0)) {
PLOG(ERROR) << "Failed to set DACL entry on security descriptor";
return false;
}
if (!sd->WriteToHandle(GetCurrentProcess(),
base::win::SecurityObjectType::kKernel,
DACL_SECURITY_INFORMATION)) {
PLOG(ERROR) << "Failed to write security descriptor to current process";
return false;
}
return true;
}
} // namespace remoting
Codebase Browser
chromium