in providers/windows/process_windows.go [291:335]
func (p *process) User() (types.UserInfo, error) {
handle, err := p.open()
if err != nil {
return types.UserInfo{}, fmt.Errorf("OpenProcess failed: %w", err)
}
defer syscall.CloseHandle(handle)
var accessToken syswin.Token
err = syswin.OpenProcessToken(syswin.Handle(handle), syscall.TOKEN_QUERY, &accessToken)
if err != nil {
return types.UserInfo{}, fmt.Errorf("OpenProcessToken failed: %w", err)
}
defer accessToken.Close()
tokenUser, err := accessToken.GetTokenUser()
if err != nil {
return types.UserInfo{}, fmt.Errorf("GetTokenUser failed: %w", err)
}
sid, err := sidToString(tokenUser.User.Sid)
if sid == "" || err != nil {
if err != nil {
return types.UserInfo{}, fmt.Errorf("failed to look up user SID: %w", err)
}
return types.UserInfo{}, errors.New("failed to look up user SID")
}
tokenGroup, err := accessToken.GetTokenPrimaryGroup()
if err != nil {
return types.UserInfo{}, fmt.Errorf("GetTokenPrimaryGroup failed: %w", err)
}
gsid, err := sidToString(tokenGroup.PrimaryGroup)
if gsid == "" || err != nil {
if err != nil {
return types.UserInfo{}, fmt.Errorf("failed to look up primary group SID: %w", err)
}
return types.UserInfo{}, errors.New("failed to look up primary group SID")
}
return types.UserInfo{
UID: sid,
GID: gsid,
}, nil
}