Setting a thread security descriptor to "block" OpenThread
To set a thread security descriptor to "block" using OpenThread in Windows, you can use the following steps:
- Define a SECURITY_ATTRIBUTES structure:
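```c
#include <windows.h>
#include <sddl.h>   // ConvertStringSecurityDescriptorToSecurityDescriptorW
#include <stdio.h>

SECURITY_ATTRIBUTES sa;
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = NULL;
sa.bInheritHandle = FALSE;
```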
- Create a security descriptor:
```c
PSECURITY_DESCRIPTOR sd = NULL;
if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(
        L"D:(A;;GA;;;WD)", // DACL: allow GENERIC_ALL access to world
        SDDL_REVISION_1,
        &sd,
        NULL))
{
    printf("Error creating security descriptor: %lu\n", GetLastError());
    return 1;
}
```
- Set the security descriptor for the thread:
```c
// Apply only the DACL part of sd to the current thread object.
if (!SetKernelObjectSecurity(GetCurrentThread(), DACL_SECURITY_INFORMATION, sd))
{
    printf("Error setting thread security descriptor: %lu\n", GetLastError());
    LocalFree(sd);
    return 1;
}
```
- Call OpenThread with THREAD_SET_THREAD_TOKEN to specify the current thread's security token:
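```c
DWORD dwThreadId = GetCurrentThreadId(); // ID of the thread whose DACL was set above
HANDLE hThread = OpenThread(
    THREAD_ALL_ACCESS | THREAD_SET_THREAD_TOKEN,
    FALSE,
    dwThreadId);
if (hThread == NULL)
{
    printf("Error opening thread: %lu\n", GetLastError());
    LocalFree(sd); // release the descriptor allocated by the conversion call
    return 1;
}
```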
- Finally, use RevertToSelf to restore the previous security context:
```c
if (!RevertToSelf())
{
    printf("Error reverting to self: %lu\n", GetLastError());
    CloseHandle(hThread);
    LocalFree(sd);
    return 1;
}
```
Note that the ConvertStringSecurityDescriptorToSecurityDescriptorW function is used to create a security descriptor from a string. The string "D:(A;;GA;;;WD)" specifies a discretionary access control list (DACL) that allows GENERIC_ALL access to world. You can modify this string to specify different access control settings as required.
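The SDDL string discussed above, parsed ACE by ACE, as an added example that is not part of the original answer: each ACE has the form `(type;flags;rights;object_guid;inherit_object_guid;trustee)`, where type `A` is allow and `D` is deny. The struct and function names are hypothetical, the second sample string is constructed, and the parser is portable C that handles only the `D:` component.

```c
#include <stdio.h>
#include <string.h>

/* One ACE of an SDDL DACL: (type;flags;rights;object_guid;inherit_object_guid;trustee) */
struct ace { char type[8], flags[16], rights[64], trustee[64]; };

/* Copy the next ';'-delimited field into dst (may be NULL); return pointer past it. */
static const char *next_field(const char *p, const char *end, char *dst, size_t cap) {
    size_t n = 0;
    for (; p < end && *p != ';'; p++)
        if (dst && n + 1 < cap) dst[n++] = *p;
    if (dst) dst[n] = '\0';
    return p < end ? p + 1 : p;
}

/* Parse the "D:" component of sddl into out[]. Returns the ACE count, or -1 on error. */
int parse_dacl(const char *sddl, struct ace *out, int max) {
    const char *p = strstr(sddl, "D:");
    int count = 0;
    if (!p) return -1;
    p += 2;
    while (*p && *p != '(' && p[1] != ':') p++;   /* skip DACL flags such as P or AI */
    while (*p == '(') {
        const char *end = strchr(p, ')');
        if (!end || count >= max) return -1;
        struct ace *a = &out[count++];
        p = next_field(p + 1, end, a->type, sizeof a->type);
        p = next_field(p, end, a->flags, sizeof a->flags);
        p = next_field(p, end, a->rights, sizeof a->rights);
        p = next_field(p, end, NULL, 0);          /* object GUID (unused here) */
        p = next_field(p, end, NULL, 0);          /* inherit object GUID (unused here) */
        next_field(p, end, a->trustee, sizeof a->trustee);
        p = end + 1;
    }
    return count;
}

/* Type letter ('A' allow, 'D' deny) of the first ACE naming trustee, or 0 if none.
   Simplification: ignores the rights mask and other SIDs in the caller's token. */
char first_ace_type_for(const char *sddl, const char *trustee) {
    struct ace aces[16];
    int n = parse_dacl(sddl, aces, 16);
    for (int i = 0; i < n; i++)
        if (strcmp(aces[i].trustee, trustee) == 0) return aces[i].type[0];
    return 0;
}

int main(void) {
    const char *samples[] = { "D:(A;;GA;;;WD)",               /* string from the page */
                              "D:(D;;GA;;;WD)(A;;GA;;;SY)" }; /* constructed variant */
    for (int i = 0; i < 2; i++)
        printf("%-28s Everyone (WD): %c\n", samples[i], first_ace_type_for(samples[i], "WD"));
    return 0;
}
```

For the page's string the first ACE naming Everyone (`WD`) has type `A`; an ACE that refuses access has type `D`, as in the constructed variant.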