diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-06-24 01:19:29 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-06-24 17:01:02 +0200 |
commit | 15b24b6179e078c799946f279bb5ac30053fd02d (patch) | |
tree | 9801ab694b3f3a082007e294b9b63e0731e34d03 /ipc/uapi_windows.go | |
parent | f9b48a961cd271bcc58c4c76b61a84a139e76167 (diff) |
ipc: allow admins but require high integrity label
Might be more reasonable.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'ipc/uapi_windows.go')
-rw-r--r-- | ipc/uapi_windows.go | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/ipc/uapi_windows.go b/ipc/uapi_windows.go index 3e2709c..a4d68da 100644 --- a/ipc/uapi_windows.go +++ b/ipc/uapi_windows.go @@ -54,8 +54,7 @@ var UAPISecurityDescriptor *windows.SECURITY_DESCRIPTOR func init() { var err error - /* SDDL_DEVOBJ_SYS_ALL from the WDK */ - UAPISecurityDescriptor, err = windows.SecurityDescriptorFromString("O:SYD:P(A;;GA;;;SY)") + UAPISecurityDescriptor, err = windows.SecurityDescriptorFromString("O:SYD:P(A;;GA;;;SY)(A;;GA;;;BA)S:(ML;;NWNRNX;;;HI)") if err != nil { panic(err) } |