mir/openhardwaremonitor
2
0
Fork 0
mirror of https://github.com/openhardwaremonitor/openhardwaremonitor synced 2025-08-29 21:37:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Restricted the access to the kernel driver to system and built-in administrators.

Browse Source
This commit is contained in:
Michael Möller 2010-11-01 20:44:21 +00:00
parent f238f35eff
commit 0e435cafc6
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Hardware/KernelDriver.cs
View File

@ -36,7 +36,9 @@
*/ */
using System; using System;
using System.IO;
using System.Runtime.InteropServices; using System.Runtime.InteropServices;
using System.Security.AccessControl;
using Microsoft.Win32.SafeHandles; using Microsoft.Win32.SafeHandles;
namespace OpenHardwareMonitor.Hardware { namespace OpenHardwareMonitor.Hardware {
@ -79,6 +81,15 @@ namespace OpenHardwareMonitor.Hardware {
NativeMethods.CloseServiceHandle(service); NativeMethods.CloseServiceHandle(service);
NativeMethods.CloseServiceHandle(manager); NativeMethods.CloseServiceHandle(manager);
try {
// restrict the driver access to system (SY) and builtin admins (BA)
// TODO: replace with a call to IoCreateDeviceSecure in the driver
FileSecurity fileSecurity = File.GetAccessControl(@"\\.\" + id);
fileSecurity.SetSecurityDescriptorSddlForm(
"O:BAG:SYD:(A;;FA;;;SY)(A;;FA;;;BA)");
File.SetAccessControl(@"\\.\" + id, fileSecurity);
} catch { }
return true; return true;
} }