forked from DataDog/datadog-agent
/
elevated.go
44 lines (40 loc) · 1.1 KB
/
elevated.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
// Unless explicitly stated otherwise all files in this repository are licensed
// under the Apache License Version 2.0.
// This product includes software developed at Datadog (https://www.datadoghq.com/).
// Copyright 2018 Datadog, Inc.
// +build windows
package winutil
import (
"syscall"
"unsafe"
)
// IsProcessElevated opens the process token and checks elevation status,
// returning true if the process is elevated and false if not elevated.
func IsProcessElevated() (bool, error) {
p, e := syscall.GetCurrentProcess()
if e != nil {
return false, e
}
var t syscall.Token
e = syscall.OpenProcessToken(p, syscall.TOKEN_QUERY, &t)
if e != nil {
return false, e
}
defer syscall.CloseHandle(syscall.Handle(t))
var elevated uint32
n := uint32(unsafe.Sizeof(elevated))
for {
b := make([]byte, n)
e := syscall.GetTokenInformation(t, syscall.TokenElevation, &b[0], uint32(len(b)), &n)
if e == nil {
elevated = *(*uint32)(unsafe.Pointer(&b[0]))
return elevated != 0, nil
}
if e != syscall.ERROR_INSUFFICIENT_BUFFER {
return false, e
}
if n <= uint32(len(b)) {
return false, e
}
}
}