Welcome Guest.   Make a donation to an author on the site April 16, 2014, 11:09:26 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
The N.A.N.Y. Challenge 2014! Download dozens of custom programs!
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: IDEA: Vista integrity levels shell extension  (Read 5996 times)
cantoris
Participant
*
Posts: 3

View Profile Give some DonationCredits to this forum member
« on: March 28, 2008, 03:10:15 PM »

Hi!

A really useful little app would be a shell-extension that lets you view and change Vista's new integrity levels feature on files and folders.  Here's a command line version:
http://www.minasi.com/vista/chml.htm
A GUI shell-extension would be so useful!  I'm afraid I've no idea whether this would be a coding snack or a coding banquet to do though...
Even just the ability to view them through a shell-extension would be useful.

Best wishes,

Andrew
Logged
skrommel
Fastest code in the west
Developer
***
Posts: 882



View Profile WWW Give some DonationCredits to this forum member
« Reply #1 on: March 28, 2008, 09:16:26 PM »

 smiley Try IntegrityLevel!

You must compile it and run it once to register the shell extension. Then you can rightclick a file and change the integrity level by choosing IntegrityLevel in the context menu.

Download chml from http://www.minasi.com/vista/chml.htm and place it in the script's folder.

2008.03.29: Added shell extension for folders, automatically downloads chml.exe, fixed a typo in the command line for chml.exe.

Skrommel

[copy or print]
;IntegrityLevel.ahk
; RightClick a file and choose IntegrityLevel
;  to change it's integrity level in Vista.
;Skrommel @ 2008

#NoEnv
#SingleInstance,Force

applicationname=IntegrityLevel

IfNotExist,%A_ScriptDir%\chml.exe
{
  TrayTip,%applicationname%,Downloading chml.exe from`nhttp://www.minasi.com/vista/chml.htm...
  UrlDownloadToFile,http://www.minasi.com/vista/chml.exe,%A_ScriptDir%\chml.exe
  If ErrorLevel=1
  {
    MsgBox,0,%applicationname%,Please download chml.exe from`nhttp://www.minasi.com/vista/chml.htm!
    ExitApp
  }
}

If 0=0
{
  RegWrite,REG_SZ,HKEY_CLASSES_ROOT,*\shell\%applicationname%\command,,%A_ScriptDir%\%applicationname%.exe "`%1"
  RegWrite,REG_SZ,HKEY_CLASSES_ROOT,Folder\shell\%applicationname%\command,,%A_ScriptDir%\%applicationname%.exe "`%1"
  MsgBox,0,%applicationname%,Rightclick a file and choose %applicationname% `nto change the file's integrity level.`n`nUses chml.exe from http://www.minasi.com/vista/chml.htm`n`nwww.1HourSoftware.com
  ExitApp
}

filename=%1%

command=%A_ScriptDir%\chml.exe "%filename%" -d
output:=CMDret_RunReturn(command)
StringSplit,part,output,=
StringTrimRight,integrity,part2,2

Gui,Add,Text,w200,%filename%

Gui,Add,GroupBox,Vgroupbox w230 h135,Integrity Level:

GUi,Add,Radio,xp+10 yp+20 Vhigh,High (administrators)
GUi,Add,Radio,Vmedium,Medium (non-administrators)
GUi,Add,Radio,Vlow,Low (temporary Internet files)
GUi,Add,Radio,Vuntrusted,Untrusted

FileGetAttrib,attrib,%filename%
IfInString,attrib,D
  Gui,Add,CheckBox,Vinherit y+20 Checked,Subfolders and -files inherit integrity level
Else
  Gui,Add,CheckBox,Vinherit y+20 Disabled,Subfolders and -files inherit integrity level

Gui,Add,Button,W75 xm+30 y+20 Default GOK,&OK
Gui,Add,Button,W75 x+5 GCANCEL,&Cancel
Gui,Add,StatusBar,,www.1HourSoftware.com

IfInString,integrity,High
  integrity=high
IfInString,integrity,Medium
  integrity=medium
IfInString,integrity,Low
  integrity=low
IfInString,integrity,Untrusted
  integrity=untrusted
GuiControl,,%integrity%,1
Gui,Show
Return


OK:
Gui,Submit
If high=1
  integrity=h
If medium=1
  integrity=m
If low=1
  integrity=l
If untrusted=1
  integrity=u
If inherit=0
  inherit=-noinherit
Else
  inherit=

command=%A_ScriptDir%\chml.exe "%filename%" -i:%integrity% %inherit%
output:=CMDret_RunReturn(command)

CANCEL:
GuiClose:
ExitApp



; ******************************************************************
; CMDret-AHK functions
; version 1.10 beta
;
; Updated: Dec 5, 2006
; by: corrupt
; Code modifications and/or contributions made by:
; Laszlo, shimanov, toralf, Wdb
; ******************************************************************
; Usage:
; CMDin - command to execute
; WorkingDir - full path to working directory (Optional)
; ******************************************************************
; Known Issues:
; - If using dir be sure to specify a path (example: cmd /c dir c:\)
; or specify a working directory   
; - Running 16 bit console applications may not produce output. Use
; a 32 bit application to start the 16 bit process to receive output
; ******************************************************************
; Additional requirements:
; - none
; ******************************************************************
; Code Start
; ******************************************************************

CMDret_RunReturn(CMDin, WorkingDir=0)
{
  Global cmdretPID
  tcWrk := WorkingDir=0 ? "Int" : "Str"
  idltm := A_TickCount + 20
  CMsize = 1
  VarSetCapacity(CMDout, 1, 32)
  VarSetCapacity(sui,68, 0)
  VarSetCapacity(pi, 16, 0)
  VarSetCapacity(pa, 12, 0)
  Loop, 4 {
    DllCall("RtlFillMemory", UInt,&pa+A_Index-1, UInt,1, UChar,12 >> 8*A_Index-8)
    DllCall("RtlFillMemory", UInt,&pa+8+A_Index-1, UInt,1, UChar,1 >> 8*A_Index-8)
  }
  IF (DllCall("CreatePipe", "UInt*",hRead, "UInt*",hWrite, "UInt",&pa, "Int",0) <> 0) {
    Loop, 4
      DllCall("RtlFillMemory", UInt,&sui+A_Index-1, UInt,1, UChar,68 >> 8*A_Index-8)
    DllCall("GetStartupInfo", "UInt", &sui)
    Loop, 4 {
      DllCall("RtlFillMemory", UInt,&sui+44+A_Index-1, UInt,1, UChar,257 >> 8*A_Index-8)
      DllCall("RtlFillMemory", UInt,&sui+60+A_Index-1, UInt,1, UChar,hWrite >> 8*A_Index-8)
      DllCall("RtlFillMemory", UInt,&sui+64+A_Index-1, UInt,1, UChar,hWrite >> 8*A_Index-8)
      DllCall("RtlFillMemory", UInt,&sui+48+A_Index-1, UInt,1, UChar,0 >> 8*A_Index-8)
    }
    IF (DllCall("CreateProcess", Int,0, Str,CMDin, Int,0, Int,0, Int,1, "UInt",0, Int,0, tcWrk, WorkingDir, UInt,&sui, UInt,&pi) <> 0) {
      Loop, 4
        cmdretPID += *(&pi+8+A_Index-1) << 8*A_Index-8
      Loop {
        idltm2 := A_TickCount - idltm
        If (idltm2 < 10) {
          DllCall("Sleep", Int, 10)
          Continue
        }
        IF (DllCall("PeekNamedPipe", "uint", hRead, "uint", 0, "uint", 0, "uint", 0, "uint*", bSize, "uint", 0 ) <> 0 ) {
          Process, Exist, %cmdretPID%
          IF (ErrorLevel OR bSize > 0) {
            IF (bSize > 0) {
              VarSetCapacity(lpBuffer, bSize+1)
              IF (DllCall("ReadFile", "UInt",hRead, "Str", lpBuffer, "Int",bSize, "UInt*",bRead, "Int",0) > 0) {
                IF (bRead > 0) {
                  TRead += bRead
                  VarSetCapacity(CMcpy, (bRead+CMsize+1), 0)
                  CMcpy = a
                  DllCall("RtlMoveMemory", "UInt", &CMcpy, "UInt", &CMDout, "Int", CMsize)
                  DllCall("RtlMoveMemory", "UInt", &CMcpy+CMsize, "UInt", &lpBuffer, "Int", bRead)
                  CMsize += bRead
                  VarSetCapacity(CMDout, (CMsize + 1), 0)
                  CMDout=a   
                  DllCall("RtlMoveMemory", "UInt", &CMDout, "UInt", &CMcpy, "Int", CMsize)
                  VarSetCapacity(CMDout, -1)   ; fix required by change in autohotkey v1.0.44.14
                }
              }
            }
          }
          ELSE
            break
        }
        ELSE
          break
        idltm := A_TickCount
      }
      cmdretPID=
      DllCall("CloseHandle", UInt, hWrite)
      DllCall("CloseHandle", UInt, hRead)
    }
  }
  IF (StrLen(CMDout) < TRead) {
    VarSetCapacity(CMcpy, TRead, 32)
    TRead2 = %TRead%
    Loop {
      DllCall("RtlZeroMemory", "UInt", &CMcpy, Int, TRead)
      NULLptr := StrLen(CMDout)
      cpsize := Tread - NULLptr
      DllCall("RtlMoveMemory", "UInt", &CMcpy, "UInt", (&CMDout + NULLptr + 2), "Int", (cpsize - 1))
      DllCall("RtlZeroMemory", "UInt", (&CMDout + NULLptr), Int, cpsize)
      DllCall("RtlMoveMemory", "UInt", (&CMDout + NULLptr), "UInt", &CMcpy, "Int", cpsize)
      TRead2 --
      IF (StrLen(CMDout) > TRead2)
        break
    }
  }
  StringTrimLeft, CMDout, CMDout, 1
  Return, CMDout
}
« Last Edit: March 29, 2008, 11:31:36 AM by skrommel » Logged

Please stop by my site at  1 Hour Software by skrommel  for downloads and more info.
cantoris
Participant
*
Posts: 3

View Profile Give some DonationCredits to this forum member
« Reply #2 on: March 29, 2008, 06:03:54 AM »

Wow that was amazingly fast, thanks!!

I ensured I ran the executable in an elevated fashion (since Vista's shield symbol was not on the EXE's icon) to ensure all would be well.
The Integrity Level context menu entry appears fine for files but is absent for folders.
When I try and alter an integrity level, it doesn't seem to set it, as if I open the dialog again the setting has reverted.  My account does have the User Privilege that apparently is required to do this (maybe that is something that the app could add if required - perhaps dynamically?) and indeed I can set privilege levels from the command line using chml.exe.
When setting levels on a folder, it would be helpful to have a checkbox as to whether this setting should be inheritable to child objects or not as that functionality is provided by chml.  I presume that setting the inherit flag won't propagate to existing child objects - perhaps a checkbox to do this?

Thanks again for this!

Best wishes,

Andrew
Logged
skrommel
Fastest code in the west
Developer
***
Posts: 882



View Profile WWW Give some DonationCredits to this forum member
« Reply #3 on: March 29, 2008, 11:19:41 AM »

 smiley Just uploaded a new version above!

Added shell extension for folders, and it now automatically downloads chml.exe. I also corrected a typo in the command line for chml.exe, so it should work better now!

Skrommel
« Last Edit: March 29, 2008, 11:26:44 AM by skrommel » Logged

Please stop by my site at  1 Hour Software by skrommel  for downloads and more info.
cantoris
Participant
*
Posts: 3

View Profile Give some DonationCredits to this forum member
« Reply #4 on: March 30, 2008, 12:16:08 PM »

Thanks!!
A nice step forward there.  It doesn't though let me set the integrity level to high whereas I can do with chml.exe from an ELEVATED command prompt.  I suspect you need some way to launch chml.exe with elevated privileges since Vista strips the requisite rights off an admin's token.
The only other thing is it would be nice to have the option when ticking the "inherit" box to optionally tick a 2nd box to recursively set the integrity levels on existing subfolders and files to match the folder being currently edited.  ie Rather like the NTFS Permissions option to "replace permissions on all child objects with ones defined here".  Maybe this would be too much extra work.
Thanks again for this.

Best wishes,

Andrew

NB: The IntegrityLevel context menu entry is not appearing for .URL files.  (My Favorites menu is misbehaving and I'm suspecting integrity levels to be the cause as the Favorites folder has a Low level set on it.)
« Last Edit: March 30, 2008, 03:23:58 PM by cantoris » Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.038s | Server load: 0.19 ]