VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver
diff options
context:
space:
mode:
Diffstat (limited to 'src/Driver')
-rw-r--r--src/Driver/Ntdriver.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index 845aec6f..8c33a89c 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -2665,5 +2665,8 @@ NTSTATUS MountDevice (PDEVICE_OBJECT DeviceObject, MOUNT_STRUCT *mount)
SeCaptureSubjectContext (&subContext);
SeLockSubjectContext(&subContext);
- accessToken = SeQuerySubjectContextToken (&subContext);
+ if (subContext.ClientToken && subContext.ImpersonationLevel >= SecurityImpersonation)
+ accessToken = subContext.ClientToken;
+ else
+ accessToken = subContext.PrimaryToken;
if (!accessToken)
@@ -3404,5 +3407,9 @@ BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension)
SeCaptureSubjectContext (&subContext);
- accessToken = SeQuerySubjectContextToken (&subContext);
+ SeLockSubjectContext(&subContext);
+ if (subContext.ClientToken && subContext.ImpersonationLevel >= SecurityImpersonation)
+ accessToken = subContext.ClientToken;
+ else
+ accessToken = subContext.PrimaryToken;
if (!accessToken)
@@ -3422,4 +3429,5 @@ BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension)
ret:
+ SeUnlockSubjectContext(&subContext);
SeReleaseSubjectContext (&subContext);
return result;