Restricted owner of the elevated process in TokenSwitchMode.

gerardog · Feb 17, 2024 · b96792a · b96792a
1 parent 854e834
commit b96792a
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/gsudo/Helpers/ProcessFactory.cs b/src/gsudo/Helpers/ProcessFactory.cs
@@ -343,7 +343,7 @@ internal static void CreateProcessForTokenReplacement(string lpApplicationName,
             tSec.nLength = Marshal.SizeOf(tSec);
 
             // Set more restrictive Security Descriptor
-            string sddl = "D:(D;;GAFAWD;;;S-1-1-0)"; // Deny Generic-All, File-All, and Write-Dac to everyone.
+            string sddl = "O:0G:0D:(D;;GAFAWD;;;S-1-1-0)"; // Deny Generic-All, File-All, and Write-Dac to everyone.
 
             IntPtr sd_ptr = new IntPtr();
             UIntPtr sd_size_ptr = new UIntPtr();

diff --git a/src/gsudo/Native/ProcessApi.cs b/src/gsudo/Native/ProcessApi.cs
@@ -236,7 +236,7 @@ protected override bool ReleaseHandle()
 
         [DllImport("kernel32.dll", SetLastError = true)]
         [return: MarshalAs(UnmanagedType.Bool)]
-        public static extern bool DuplicateHandle(
+        internal static extern bool DuplicateHandle(
             IntPtr hSourceProcessHandle,
             IntPtr hSourceHandle,
             IntPtr hTargetProcessHandle,