private static void SetPrivilege(string privilegeName, int attrib)
{
SafeTokenHandle hToken = null;
Interop.Advapi32.LUID debugValue = new Interop.Advapi32.LUID();
// this is only a "pseudo handle" to the current process - no need to close it later
SafeProcessHandle processHandle = Interop.Kernel32.GetCurrentProcess();
// get the process token so we can adjust the privilege on it. We DO need to
// close the token when we're done with it.
if (!Interop.Advapi32.OpenProcessToken(processHandle, Interop.Kernel32.HandleOptions.TOKEN_ADJUST_PRIVILEGES, out hToken))
{
throw new Win32Exception();
}
try
{
if (!Interop.Advapi32.LookupPrivilegeValue(null, privilegeName, out debugValue))
{
throw new Win32Exception();
}
Interop.Advapi32.TokenPrivileges tkp = new Interop.Advapi32.TokenPrivileges();
tkp.Luid = debugValue;
tkp.Attributes = attrib;
Interop.Advapi32.AdjustTokenPrivileges(hToken, false, tkp, 0, IntPtr.Zero, IntPtr.Zero);
// AdjustTokenPrivileges can return true even if it failed to
// set the privilege, so we need to use GetLastError
if (Marshal.GetLastWin32Error() != Interop.Errors.ERROR_SUCCESS)
{
throw new Win32Exception();
}
}
finally
{
#if FEATURE_TRACESWITCH
Debug.WriteLineIf(_processTracing.TraceVerbose, "Process - CloseHandle(processToken)");
#endif
if (hToken != null)
{
hToken.Dispose();
}
}
}