提升自身权限代码

在写程序时有时要提升自己的权限。所以写个函数，以免重复劳动。

/*
*  if(!AdjustPrivileges())
*    {
*        [Error tips]....
*    }
*/

    
BOOL AdjustPrivileges()
{
    HANDLE        hToken;
    TOKEN_PRIVILEGES    tkp;
    
    /*参数说明(MSDN)
    TOKEN_ADJUST_DEFAULT         Required to change the default owner, primary group, or DACL of an access token. 
    TOKEN_ADJUST_GROUPS         Required to adjust the attributes of the groups in an access token. 
    TOKEN_ADJUST_PRIVILEGES     Required to enable or disable the privileges in an access token. 
    TOKEN_ADJUST_SESSIONID         Required to adjust the session ID of an access token. The SE_TCB_NAME privilege is required. 
    TOKEN_ASSIGN_PRIMARY         Required to attach a primary token to a process. The SE_ASSIGNPRIMARYTOKEN_NAME privilege is also required to accomplish this task. 
    TOKEN_DUPLICATE             Required to duplicate an access token. 
    TOKEN_EXECUTE                 Combines STANDARD_RIGHTS_EXECUTE and TOKEN_IMPERSONATE. 
    TOKEN_IMPERSONATE             Required to attach an impersonation access token to a process. 
    TOKEN_QUERY                 Required to query an access token. 
    TOKEN_QUERY_SOURCE             Required to query the source of an access token. 
    TOKEN_READ                     Combines STANDARD_RIGHTS_READ and TOKEN_QUERY. 
    TOKEN_WRITE                 Combines STANDARD_RIGHTS_WRITE, TOKEN_ADJUST_PRIVILEGES, TOKEN_ADJUST_GROUPS, and TOKEN_ADJUST_DEFAULT. 
    TOKEN_ALL_ACCESS              Combines all possible access rights for a token.
    */

    if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, &hToken))
    {
        MessageBox(NULL, "Can't OpenProcessToken\n", "Error", MB_OK|MB_ICONSTOP);
        return    FALSE;
    }
    
    /*
    *查找相关动作的本地唯一标识符(LIUID)
    *SE_SHUTDOWN_NAME可以换成SeSecurityPrivilege
    */
    LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid);
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    
    //调整权限
    AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0);
    if(GetLastError == ERROR_SUCCESS)
    {
        MessageBox(NULL, "Can't AdjustToken\n", "Error", MB_OK|MB_ICONSTOP);
        return FALSE;
    }
    
    //return TRUE;
    //做其它事,比如这里关机
    if(!ExitWindowsEx(EWX_SHUTDOWN|EWX_FORCE, 0))
    {
        MessageBox(NULL, "Can't Shutdown computer", "Error", MB_OK|MB_ICONSTOP);
    }
    
    return TRUE;
    
}

 

把难题清清楚楚地写出来，便已经解决了一半。只有先认清问题，才能很好地解决问题。这种观点在管理学上被称为吉德林法则。