3 files changed, 30 insertions, 3 deletions
diff --git a/src/burn/engine/engine.cpp b/src/burn/engine/engine.cpp
index c372772c..d432f732 100644
--- a/src/burn/engine/engine.cpp
+++ b/src/burn/engine/engine.cpp
@@ -379,7 +379,8 @@ static HRESULT InitializeEngineState(
    BurnPipeConnectionInitialize(&pEngineState->embeddedConnection);
    // Retain whether bundle was initially run elevated.
-    ProcElevated(::GetCurrentProcess(), &pEngineState->internalCommand.fInitiallyElevated);
+    hr = ProcIsHighIntegrity(::GetCurrentProcess(), &pEngineState->internalCommand.fInitiallyElevated);
+    ExitOnFailure(hr, "Failed to determine if process is running elevated.");
    // Parse command line.
    hr = CoreParseCommandLine(&pEngineState->internalCommand, &pEngineState->command, &pEngineState->companionConnection, &pEngineState->embeddedConnection, &hSectionFile, &hSourceEngineFile);
diff --git a/src/libs/dutil/WixToolset.DUtil/inc/procutil.h b/src/libs/dutil/WixToolset.DUtil/inc/procutil.h
index e7e91705..974003eb 100644
--- a/src/libs/dutil/WixToolset.DUtil/inc/procutil.h
+++ b/src/libs/dutil/WixToolset.DUtil/inc/procutil.h
@@ -28,7 +28,10 @@ HRESULT DAPI ProcGetTokenInformation(
    __in TOKEN_INFORMATION_CLASS tokenInformationClass,
    __out LPVOID* ppvTokenInformation
    );
+HRESULT DAPI ProcIsHighIntegrity(
+    __in HANDLE hProcess,
+    __out BOOL* pfHighIntegrity
+    );
 HRESULT DAPI ProcHasPrivilege(
    __in HANDLE hProcess,
    __in LPCWSTR wzPrivilegeName,
diff --git a/src/libs/dutil/WixToolset.DUtil/procutil.cpp b/src/libs/dutil/WixToolset.DUtil/procutil.cpp
index 6cd3214c..7109551b 100644
--- a/src/libs/dutil/WixToolset.DUtil/procutil.cpp
+++ b/src/libs/dutil/WixToolset.DUtil/procutil.cpp
@@ -34,7 +34,6 @@ static BOOL CALLBACK CloseWindowEnumCallback(
    __in LPARAM lParam
    );
 extern "C" HRESULT DAPI ProcElevated(
    __in HANDLE hProcess,
    __out BOOL* pfElevated
@@ -141,6 +140,30 @@ LExit:
    return hr;
 }
+extern "C" HRESULT DAPI ProcIsHighIntegrity(
+    __in HANDLE hProcess,
+    __out BOOL* pfHighIntegrity
+    )
+{
+    HRESULT hr = S_OK;
+    TOKEN_MANDATORY_LABEL* pTokenMandatoryLabel = NULL;
+    DWORD integrityRid = 0;
+    *pfHighIntegrity = FALSE;
+    hr = ProcGetTokenInformation(hProcess, TokenIntegrityLevel, reinterpret_cast<LPVOID*>(&pTokenMandatoryLabel));
+    ProcExitOnFailure(hr, "Failed to get token mandatory label.");
+    integrityRid = *::GetSidSubAuthority(pTokenMandatoryLabel->Label.Sid, *::GetSidSubAuthorityCount(pTokenMandatoryLabel->Label.Sid) - 1);
+    *pfHighIntegrity = (SECURITY_MANDATORY_HIGH_RID <= integrityRid);
+LExit:
+    ReleaseMem(pTokenMandatoryLabel);
+    return hr;
+}
 extern "C" HRESULT DAPI ProcHasPrivilege(
    __in HANDLE hProcess,
    __in LPCWSTR wzPrivilegeName,

diff --git a/src/burn/engine/engine.cpp b/src/burn/engine/engine.cpp index c372772c..d432f732 100644 --- a/src/burn/engine/engine.cpp +++ b/src/burn/engine/engine.cpp
@@ -379,7 +379,8 @@ static HRESULT InitializeEngineState(
379	BurnPipeConnectionInitialize(&pEngineState->embeddedConnection);	379	BurnPipeConnectionInitialize(&pEngineState->embeddedConnection);
380		380
381	// Retain whether bundle was initially run elevated.	381	// Retain whether bundle was initially run elevated.
382	ProcElevated(::GetCurrentProcess(), &pEngineState->internalCommand.fInitiallyElevated);	382	hr = ProcIsHighIntegrity(::GetCurrentProcess(), &pEngineState->internalCommand.fInitiallyElevated);
		383	ExitOnFailure(hr, "Failed to determine if process is running elevated.");
383		384
384	// Parse command line.	385	// Parse command line.
385	hr = CoreParseCommandLine(&pEngineState->internalCommand, &pEngineState->command, &pEngineState->companionConnection, &pEngineState->embeddedConnection, &hSectionFile, &hSourceEngineFile);	386	hr = CoreParseCommandLine(&pEngineState->internalCommand, &pEngineState->command, &pEngineState->companionConnection, &pEngineState->embeddedConnection, &hSectionFile, &hSourceEngineFile);


diff --git a/src/libs/dutil/WixToolset.DUtil/inc/procutil.h b/src/libs/dutil/WixToolset.DUtil/inc/procutil.h index e7e91705..974003eb 100644 --- a/src/libs/dutil/WixToolset.DUtil/inc/procutil.h +++ b/src/libs/dutil/WixToolset.DUtil/inc/procutil.h
@@ -28,7 +28,10 @@ HRESULT DAPI ProcGetTokenInformation(
28	__in TOKEN_INFORMATION_CLASS tokenInformationClass,	28	__in TOKEN_INFORMATION_CLASS tokenInformationClass,
29	__out LPVOID* ppvTokenInformation	29	__out LPVOID* ppvTokenInformation
30	);	30	);
31		31	HRESULT DAPI ProcIsHighIntegrity(
		32	__in HANDLE hProcess,
		33	__out BOOL* pfHighIntegrity
		34	);
32	HRESULT DAPI ProcHasPrivilege(	35	HRESULT DAPI ProcHasPrivilege(
33	__in HANDLE hProcess,	36	__in HANDLE hProcess,
34	__in LPCWSTR wzPrivilegeName,	37	__in LPCWSTR wzPrivilegeName,


diff --git a/src/libs/dutil/WixToolset.DUtil/procutil.cpp b/src/libs/dutil/WixToolset.DUtil/procutil.cpp index 6cd3214c..7109551b 100644 --- a/src/libs/dutil/WixToolset.DUtil/procutil.cpp +++ b/src/libs/dutil/WixToolset.DUtil/procutil.cpp
@@ -34,7 +34,6 @@ static BOOL CALLBACK CloseWindowEnumCallback(
34	__in LPARAM lParam	34	__in LPARAM lParam
35	);	35	);
36		36
37
38	extern "C" HRESULT DAPI ProcElevated(	37	extern "C" HRESULT DAPI ProcElevated(
39	__in HANDLE hProcess,	38	__in HANDLE hProcess,
40	__out BOOL* pfElevated	39	__out BOOL* pfElevated
@@ -141,6 +140,30 @@ LExit:
141	return hr;	140	return hr;
142	}	141	}
143		142
		143	extern "C" HRESULT DAPI ProcIsHighIntegrity(
		144	__in HANDLE hProcess,
		145	__out BOOL* pfHighIntegrity
		146	)
		147	{
		148	HRESULT hr = S_OK;
		149	TOKEN_MANDATORY_LABEL* pTokenMandatoryLabel = NULL;
		150	DWORD integrityRid = 0;
		151
		152	*pfHighIntegrity = FALSE;
		153
		154	hr = ProcGetTokenInformation(hProcess, TokenIntegrityLevel, reinterpret_cast<LPVOID*>(&pTokenMandatoryLabel));
		155	ProcExitOnFailure(hr, "Failed to get token mandatory label.");
		156
		157	integrityRid = ::GetSidSubAuthority(pTokenMandatoryLabel->Label.Sid, ::GetSidSubAuthorityCount(pTokenMandatoryLabel->Label.Sid) - 1);
		158
		159	*pfHighIntegrity = (SECURITY_MANDATORY_HIGH_RID <= integrityRid);
		160
		161	LExit:
		162	ReleaseMem(pTokenMandatoryLabel);
		163
		164	return hr;
		165	}
		166
144	extern "C" HRESULT DAPI ProcHasPrivilege(	167	extern "C" HRESULT DAPI ProcHasPrivilege(
145	__in HANDLE hProcess,	168	__in HANDLE hProcess,
146	__in LPCWSTR wzPrivilegeName,	169	__in LPCWSTR wzPrivilegeName,