windows: add functions for dealing with elevated tokens

These are required when dealing with UAC or launching processes as elevated administrators on behalf of other users. Change-Id: If256c838b1f0202a8703d91496ffdbe16be3a700 Reviewed-on: https://go-review.googlesource.com/c/sys/+/176858 Run-TryBot: Jason Donenfeld <Jason@zx2c4.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
2026-02-08 11:46:04 +03:00 · 2019-05-15 13:56:26 +02:00
parent cedb8e16d1
commit 61b9204099
1 changed files with 22 additions and 0 deletions
--- a/windows/security_windows.go
+++ b/windows/security_windows.go
@@ -693,6 +693,28 @@ func (t Token) GetUserProfileDirectory() (string, error) {
 	}
 }

+// Returns whether the current token is elevated from a UAC perspective.
+func (token Token) IsElevated() bool {
+	var isElevated uint32
+	var outLen uint32
+	err := GetTokenInformation(token, TokenElevation, (*byte)(unsafe.Pointer(&isElevated)), uint32(unsafe.Sizeof(isElevated)), &outLen)
+	if err != nil {
+		return false
+	}
+	return outLen == uint32(unsafe.Sizeof(isElevated)) && isElevated != 0
+}
+
+// Returns the linked token, which may be an elevated UAC token.
+func (token Token) GetLinkedToken() (Token, error) {
+	var linkedToken Token
+	var outLen uint32
+	err := GetTokenInformation(token, TokenLinkedToken, (*byte)(unsafe.Pointer(&linkedToken)), uint32(unsafe.Sizeof(linkedToken)), &outLen)
+	if err != nil {
+		return Token(0), err
+	}
+	return linkedToken, nil
+}
+
 // GetSystemDirectory retrieves path to current location of the system
 // directory, which is typically, though not always, C:\Windows\System32.
 func GetSystemDirectory() (string, error) {