Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 03, 2015, 07:56:20 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: IDEA: Vista integrity levels shell extension  (Read 6950 times)

cantoris

  • Participant
  • Joined in 2007
  • *
  • default avatar
  • Posts: 3
    • View Profile
    • Donate to Member
IDEA: Vista integrity levels shell extension
« on: March 28, 2008, 03:10:15 PM »
Hi!

A really useful little app would be a shell-extension that lets you view and change Vista's new integrity levels feature on files and folders.  Here's a command line version:
http://www.minasi.com/vista/chml.htm
A GUI shell-extension would be so useful!  I'm afraid I've no idea whether this would be a coding snack or a coding banquet to do though...
Even just the ability to view them through a shell-extension would be useful.

Best wishes,

Andrew

skrommel

  • Fastest code in the west
  • Developer
  • Joined in 2005
  • ***
  • Posts: 886
    • View Profile
    • 1 Hour Software by skrommel
    • Donate to Member
Re: IDEA: Vista integrity levels shell extension
« Reply #1 on: March 28, 2008, 09:16:26 PM »
 :) Try IntegrityLevel!

You must compile it and run it once to register the shell extension. Then you can rightclick a file and change the integrity level by choosing IntegrityLevel in the context menu.

Download chml from http://www.minasi.com/vista/chml.htm and place it in the script's folder.

2008.03.29: Added shell extension for folders, automatically downloads chml.exe, fixed a typo in the command line for chml.exe.

Skrommel

Code: [Select]
;IntegrityLevel.ahk
; RightClick a file and choose IntegrityLevel
;  to change it's integrity level in Vista.
;Skrommel @ 2008

#NoEnv
#SingleInstance,Force

applicationname=IntegrityLevel

IfNotExist,%A_ScriptDir%\chml.exe
{
  TrayTip,%applicationname%,Downloading chml.exe from`nhttp://www.minasi.com/vista/chml.htm...
  UrlDownloadToFile,http://www.minasi.com/vista/chml.exe,%A_ScriptDir%\chml.exe
  If ErrorLevel=1
  {
    MsgBox,0,%applicationname%,Please download chml.exe from`nhttp://www.minasi.com/vista/chml.htm!
    ExitApp
  }
}

If 0=0
{
  RegWrite,REG_SZ,HKEY_CLASSES_ROOT,*\shell\%applicationname%\command,,%A_ScriptDir%\%applicationname%.exe "`%1"
  RegWrite,REG_SZ,HKEY_CLASSES_ROOT,Folder\shell\%applicationname%\command,,%A_ScriptDir%\%applicationname%.exe "`%1"
  MsgBox,0,%applicationname%,Rightclick a file and choose %applicationname% `nto change the file's integrity level.`n`nUses chml.exe from http://www.minasi.com/vista/chml.htm`n`nwww.1HourSoftware.com
  ExitApp
}

filename=%1%

command=%A_ScriptDir%\chml.exe "%filename%" -d
output:=CMDret_RunReturn(command)
StringSplit,part,output,=
StringTrimRight,integrity,part2,2

Gui,Add,Text,w200,%filename%

Gui,Add,GroupBox,Vgroupbox w230 h135,Integrity Level:

GUi,Add,Radio,xp+10 yp+20 Vhigh,High (administrators)
GUi,Add,Radio,Vmedium,Medium (non-administrators)
GUi,Add,Radio,Vlow,Low (temporary Internet files)
GUi,Add,Radio,Vuntrusted,Untrusted

FileGetAttrib,attrib,%filename%
IfInString,attrib,D
  Gui,Add,CheckBox,Vinherit y+20 Checked,Subfolders and -files inherit integrity level
Else
  Gui,Add,CheckBox,Vinherit y+20 Disabled,Subfolders and -files inherit integrity level

Gui,Add,Button,W75 xm+30 y+20 Default GOK,&OK
Gui,Add,Button,W75 x+5 GCANCEL,&Cancel
Gui,Add,StatusBar,,www.1HourSoftware.com

IfInString,integrity,High
  integrity=high
IfInString,integrity,Medium
  integrity=medium
IfInString,integrity,Low
  integrity=low
IfInString,integrity,Untrusted
  integrity=untrusted
GuiControl,,%integrity%,1
Gui,Show
Return


OK:
Gui,Submit
If high=1
  integrity=h
If medium=1
  integrity=m
If low=1
  integrity=l
If untrusted=1
  integrity=u
If inherit=0
  inherit=-noinherit
Else
  inherit=

command=%A_ScriptDir%\chml.exe "%filename%" -i:%integrity% %inherit%
output:=CMDret_RunReturn(command)

CANCEL:
GuiClose:
ExitApp



; ******************************************************************
; CMDret-AHK functions
; version 1.10 beta
;
; Updated: Dec 5, 2006
; by: corrupt
; Code modifications and/or contributions made by:
; Laszlo, shimanov, toralf, Wdb
; ******************************************************************
; Usage:
; CMDin - command to execute
; WorkingDir - full path to working directory (Optional)
; ******************************************************************
; Known Issues:
; - If using dir be sure to specify a path (example: cmd /c dir c:\)
; or specify a working directory   
; - Running 16 bit console applications may not produce output. Use
; a 32 bit application to start the 16 bit process to receive output
; ******************************************************************
; Additional requirements:
; - none
; ******************************************************************
; Code Start
; ******************************************************************

CMDret_RunReturn(CMDin, WorkingDir=0)
{
  Global cmdretPID
  tcWrk := WorkingDir=0 ? "Int" : "Str"
  idltm := A_TickCount + 20
  CMsize = 1
  VarSetCapacity(CMDout, 1, 32)
  VarSetCapacity(sui,68, 0)
  VarSetCapacity(pi, 16, 0)
  VarSetCapacity(pa, 12, 0)
  Loop, 4 {
    DllCall("RtlFillMemory", UInt,&pa+A_Index-1, UInt,1, UChar,12 >> 8*A_Index-8)
    DllCall("RtlFillMemory", UInt,&pa+8+A_Index-1, UInt,1, UChar,1 >> 8*A_Index-8)
  }
  IF (DllCall("CreatePipe", "UInt*",hRead, "UInt*",hWrite, "UInt",&pa, "Int",0) <> 0) {
    Loop, 4
      DllCall("RtlFillMemory", UInt,&sui+A_Index-1, UInt,1, UChar,68 >> 8*A_Index-8)
    DllCall("GetStartupInfo", "UInt", &sui)
    Loop, 4 {
      DllCall("RtlFillMemory", UInt,&sui+44+A_Index-1, UInt,1, UChar,257 >> 8*A_Index-8)
      DllCall("RtlFillMemory", UInt,&sui+60+A_Index-1, UInt,1, UChar,hWrite >> 8*A_Index-8)
      DllCall("RtlFillMemory", UInt,&sui+64+A_Index-1, UInt,1, UChar,hWrite >> 8*A_Index-8)
      DllCall("RtlFillMemory", UInt,&sui+48+A_Index-1, UInt,1, UChar,0 >> 8*A_Index-8)
    }
    IF (DllCall("CreateProcess", Int,0, Str,CMDin, Int,0, Int,0, Int,1, "UInt",0, Int,0, tcWrk, WorkingDir, UInt,&sui, UInt,&pi) <> 0) {
      Loop, 4
        cmdretPID += *(&pi+8+A_Index-1) << 8*A_Index-8
      Loop {
        idltm2 := A_TickCount - idltm
        If (idltm2 < 10) {
          DllCall("Sleep", Int, 10)
          Continue
        }
        IF (DllCall("PeekNamedPipe", "uint", hRead, "uint", 0, "uint", 0, "uint", 0, "uint*", bSize, "uint", 0 ) <> 0 ) {
          Process, Exist, %cmdretPID%
          IF (ErrorLevel OR bSize > 0) {
            IF (bSize > 0) {
              VarSetCapacity(lpBuffer, bSize+1)
              IF (DllCall("ReadFile", "UInt",hRead, "Str", lpBuffer, "Int",bSize, "UInt*",bRead, "Int",0) > 0) {
                IF (bRead > 0) {
                  TRead += bRead
                  VarSetCapacity(CMcpy, (bRead+CMsize+1), 0)
                  CMcpy = a
                  DllCall("RtlMoveMemory", "UInt", &CMcpy, "UInt", &CMDout, "Int", CMsize)
                  DllCall("RtlMoveMemory", "UInt", &CMcpy+CMsize, "UInt", &lpBuffer, "Int", bRead)
                  CMsize += bRead
                  VarSetCapacity(CMDout, (CMsize + 1), 0)
                  CMDout=a   
                  DllCall("RtlMoveMemory", "UInt", &CMDout, "UInt", &CMcpy, "Int", CMsize)
                  VarSetCapacity(CMDout, -1)   ; fix required by change in autohotkey v1.0.44.14
                }
              }
            }
          }
          ELSE
            break
        }
        ELSE
          break
        idltm := A_TickCount
      }
      cmdretPID=
      DllCall("CloseHandle", UInt, hWrite)
      DllCall("CloseHandle", UInt, hRead)
    }
  }
  IF (StrLen(CMDout) < TRead) {
    VarSetCapacity(CMcpy, TRead, 32)
    TRead2 = %TRead%
    Loop {
      DllCall("RtlZeroMemory", "UInt", &CMcpy, Int, TRead)
      NULLptr := StrLen(CMDout)
      cpsize := Tread - NULLptr
      DllCall("RtlMoveMemory", "UInt", &CMcpy, "UInt", (&CMDout + NULLptr + 2), "Int", (cpsize - 1))
      DllCall("RtlZeroMemory", "UInt", (&CMDout + NULLptr), Int, cpsize)
      DllCall("RtlMoveMemory", "UInt", (&CMDout + NULLptr), "UInt", &CMcpy, "Int", cpsize)
      TRead2 --
      IF (StrLen(CMDout) > TRead2)
        break
    }
  }
  StringTrimLeft, CMDout, CMDout, 1
  Return, CMDout
}
Please stop by my site at  1 Hour Software by skrommel  for downloads and more info.
« Last Edit: March 29, 2008, 11:31:36 AM by skrommel »

cantoris

  • Participant
  • Joined in 2007
  • *
  • default avatar
  • Posts: 3
    • View Profile
    • Donate to Member
Re: IDEA: Vista integrity levels shell extension
« Reply #2 on: March 29, 2008, 06:03:54 AM »
Wow that was amazingly fast, thanks!!

I ensured I ran the executable in an elevated fashion (since Vista's shield symbol was not on the EXE's icon) to ensure all would be well.
The Integrity Level context menu entry appears fine for files but is absent for folders.
When I try and alter an integrity level, it doesn't seem to set it, as if I open the dialog again the setting has reverted.  My account does have the User Privilege that apparently is required to do this (maybe that is something that the app could add if required - perhaps dynamically?) and indeed I can set privilege levels from the command line using chml.exe.
When setting levels on a folder, it would be helpful to have a checkbox as to whether this setting should be inheritable to child objects or not as that functionality is provided by chml.  I presume that setting the inherit flag won't propagate to existing child objects - perhaps a checkbox to do this?

Thanks again for this!

Best wishes,

Andrew

skrommel

  • Fastest code in the west
  • Developer
  • Joined in 2005
  • ***
  • Posts: 886
    • View Profile
    • 1 Hour Software by skrommel
    • Donate to Member
Re: IDEA: Vista integrity levels shell extension
« Reply #3 on: March 29, 2008, 11:19:41 AM »
 :) Just uploaded a new version above!

Added shell extension for folders, and it now automatically downloads chml.exe. I also corrected a typo in the command line for chml.exe, so it should work better now!

Skrommel
Please stop by my site at  1 Hour Software by skrommel  for downloads and more info.
« Last Edit: March 29, 2008, 11:26:44 AM by skrommel »

cantoris

  • Participant
  • Joined in 2007
  • *
  • default avatar
  • Posts: 3
    • View Profile
    • Donate to Member
Re: IDEA: Vista integrity levels shell extension
« Reply #4 on: March 30, 2008, 12:16:08 PM »
Thanks!!
A nice step forward there.  It doesn't though let me set the integrity level to high whereas I can do with chml.exe from an ELEVATED command prompt.  I suspect you need some way to launch chml.exe with elevated privileges since Vista strips the requisite rights off an admin's token.
The only other thing is it would be nice to have the option when ticking the "inherit" box to optionally tick a 2nd box to recursively set the integrity levels on existing subfolders and files to match the folder being currently edited.  ie Rather like the NTFS Permissions option to "replace permissions on all child objects with ones defined here".  Maybe this would be too much extra work.
Thanks again for this.

Best wishes,

Andrew

NB: The IntegrityLevel context menu entry is not appearing for .URL files.  (My Favorites menu is misbehaving and I'm suspecting integrity levels to be the cause as the Favorites folder has a Low level set on it.)
« Last Edit: March 30, 2008, 03:23:58 PM by cantoris »