SECURITY_MANDATORY (Constants)
Last changed: -61.206.127.148

.
Summary
SECURITY MANDATORY constants to identify Integrity Level

C# Constants:

    const int SECURITY_MANDATORY_UNTRUSTED_RID = (0x00000000);
    const int SECURITY_MANDATORY_LOW_RID = (0x00001000);
    const int SECURITY_MANDATORY_MEDIUM_RID = (0x00002000);
    const int SECURITY_MANDATORY_HIGH_RID = (0x00003000);
    const int SECURITY_MANDATORY_SYSTEM_RID = (0x00004000);
    const int SECURITY_MANDATORY_PROTECTED_PROCESS_RID = (0x00005000);

VB Constants:

TODO

Sample Code (C#):

How to use:

try {
  UtIL.IntegrityLevel level = UtIL.GetIntegrityLevel();
}
catch (NotSupportedException) { // 2003 svr, XP, 2000, etc
  ...
}

Integrity Level is:

public enum IntegrityLevel {
  Low, Medium, High, System, None,
}

Code:

using System;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.ComponentModel;

namespace ConsoleApplication1 {
    public class UtIL {
        [DllImport("advapi32.dll", SetLastError = true)]
        static extern IntPtr GetSidSubAuthority(IntPtr sid, UInt32 subAuthorityIndex);

        [DllImport("advapi32.dll", SetLastError = true)]
        static extern IntPtr GetSidSubAuthorityCount(IntPtr sid);

        // winnt.h, Windows SDK v6.1
        const int SECURITY_MANDATORY_UNTRUSTED_RID = (0x00000000);
        const int SECURITY_MANDATORY_LOW_RID = (0x00001000);
        const int SECURITY_MANDATORY_MEDIUM_RID = (0x00002000);
        const int SECURITY_MANDATORY_HIGH_RID = (0x00003000);
        const int SECURITY_MANDATORY_SYSTEM_RID = (0x00004000);
        const int SECURITY_MANDATORY_PROTECTED_PROCESS_RID = (0x00005000);

        [DllImport("advapi32.dll", SetLastError = true)]
        [return: MarshalAs(UnmanagedType.Bool)]
        static extern bool OpenProcessToken(
            IntPtr ProcessHandle,
            UInt32 DesiredAccess,
            out IntPtr TokenHandle
            );

        const UInt32 TOKEN_QUERY = 0x0008;

        [DllImport("advapi32.dll", SetLastError = true)]
        static extern bool GetTokenInformation(
            IntPtr TokenHandle,
            TOKEN_INFORMATION_CLASS TokenInformationClass,
            IntPtr TokenInformation,
            uint TokenInformationLength,
            out uint ReturnLength
            );

        enum TOKEN_INFORMATION_CLASS {
            TokenUser = 1, TokenGroups, TokenPrivileges, TokenOwner, TokenPrimaryGroup, TokenDefaultDacl, TokenSource, TokenType, TokenImpersonationLevel, TokenStatistics, TokenRestrictedSids, TokenSessionId, TokenGroupsAndPrivileges, TokenSessionReference, TokenSandBoxInert, TokenAuditPolicy, TokenOrigin, TokenElevationType, TokenLinkedToken, TokenElevation, TokenHasRestrictions, TokenAccessInformation, TokenVirtualizationAllowed, TokenVirtualizationEnabled,

            /// <summary>
            /// The buffer receives a TOKEN_MANDATORY_LABEL structure that specifies the token's integrity level.
            /// </summary>
            TokenIntegrityLevel,

            TokenUIAccess, TokenMandatoryPolicy, TokenLogonSid, MaxTokenInfoClass
        }

        // http://d.hatena.ne.jp/espresso3389/20100413/1271152244
        // http://msdn.microsoft.com/en-us/library/bb625966.aspx

        const int ERROR_INVALID_PARAMETER = 87;

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern bool CloseHandle(IntPtr hHandle);

        public enum IntegrityLevel {
            Low, Medium, High, System, None,
        }

        public static IntegrityLevel GetIntegrityLevel() {
            IntPtr pId = (Process.GetCurrentProcess().Handle);

            IntPtr hToken = IntPtr.Zero;
            if (OpenProcessToken(pId, TOKEN_QUERY, out hToken)) {
                try {
                    IntPtr pb = Marshal.AllocCoTaskMem(1000);
                    try {
                        uint cb = 1000;
                        if (GetTokenInformation(hToken, TOKEN_INFORMATION_CLASS.TokenIntegrityLevel, pb, cb, out cb)) {
                            IntPtr pSid = Marshal.ReadIntPtr(pb);

                            int dwIntegrityLevel = Marshal.ReadInt32(GetSidSubAuthority(pSid, (Marshal.ReadByte(GetSidSubAuthorityCount(pSid)) - 1U)));

                            if (dwIntegrityLevel == SECURITY_MANDATORY_LOW_RID) {
                                return IntegrityLevel.Low;
                            }
                            else if (dwIntegrityLevel >= SECURITY_MANDATORY_MEDIUM_RID && dwIntegrityLevel < SECURITY_MANDATORY_HIGH_RID) {
                                // Medium Integrity
                                return IntegrityLevel.Medium;
                            }
                            else if (dwIntegrityLevel >= SECURITY_MANDATORY_HIGH_RID) {
                                // High Integrity
                                return IntegrityLevel.High;
                            }
                            else if (dwIntegrityLevel >= SECURITY_MANDATORY_SYSTEM_RID) {
                                // System Integrity
                                return IntegrityLevel.System;
                            }
                            return IntegrityLevel.None;
                        }
                        else {
                            int errno = Marshal.GetLastWin32Error();
                            if (errno == ERROR_INVALID_PARAMETER) {
                                throw new NotSupportedException();
                            }
                            throw new Win32Exception(errno);
                        }
                    }
                    finally {
                        Marshal.FreeCoTaskMem(pb);
                    }
                }
                finally {
                    CloseHandle(hToken);
                }
            }
            {
                int errno = Marshal.GetLastWin32Error();
                throw new Win32Exception(errno);
            }
        }

        static void Main(string[] args) {
            try {
                // Output candidates:

                // Not supported!
                // Medium
                // High

                Console.WriteLine(UtIL.GetIntegrityLevel());
            }
            catch (Exception) {
                Console.WriteLine("Not supported!");
            }
        }
    }
}

Notes:

It is useful to implement ShowProcessIntegrityLevel method coded in following page.

Appendix D: Getting the Integrity Level for an Access Token

http://msdn.microsoft.com/en-us/library/bb625966.aspx