Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

SD Integrity level?

Dejan_MaksimovicDejan_Maksimovic Member - All Emails Posts: 239
via Email in NTFSD
Apologies up front if I am asking gibberish here... it has been some 5
years since I dabbled with Integrity Levels.

How does a driver query and set the integrity level for a file, i.e.
how do I also query/set the Integrity Level when querying/setting a
file's SD?

Comments

  • Martin_DrábMartin_Dráb Member - All Emails Posts: 57

    How does a driver query and set the integrity level for a file, i.e.

    how do I also query/set the Integrity Level when querying/setting a
    file's SD?

    Integrity lavel is represented by a mandatory label ACE stored in descriptor's SACL. So, you need to query object's SACL, add the ACE into it (or possibly modify existing one) and save new SACL into the descriptor (RtlSetSaclSecurityDescriptor). Then, you may use something like ZwSetSecurotyObject to change the security descriptor of the object. I think the SecurityInformation parameter may contain a flag indicating that you wish to set just the integrity level (and poissibly the mandatory integrity policy).

    Martin Dráb

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
Developing Minifilters 29 July 2019 OSR Seminar Space
Writing WDF Drivers 23 Sept 2019 OSR Seminar Space
Kernel Debugging 21 Oct 2019 OSR Seminar Space
Internals & Software Drivers 18 Nov 2019 Dulles, VA