TOKEN_MANDATORY_POLICY - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTSEAPI_H
//
// Authz
//
// begin_rev
#if (PHNT_MODE == PHNT_MODE_KERNEL)

typedef struct _TOKEN_MANDATORY_POLICY
{
    ULONG Policy;
} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;

#endif
// end_rev
#endif

View code on GitHub
// ntifs.h

typedef struct _TOKEN_MANDATORY_POLICY {
  ULONG Policy;
} TOKEN_MANDATORY_POLICY, *PTOKEN_MANDATORY_POLICY;
View the official Windows Driver Kit DDI reference

NtDoc

No description available.

Edit description on GitHub

Windows Driver Kit DDI reference (ns-ntifs-token_mandatory_policy)

Description

The TOKEN_MANDATORY_POLICY structure specifies the mandatory integrity policy for a token.

Members

Policy

The mandatory integrity access policy for the associated token. This can be one of the following values.

Value Meaning
TOKEN_MANDATORY_POLICY_OFF (0x0) No mandatory integrity policy is enforced for the token.
TOKEN_MANDATORY_POLICY_NO_WRITE_UP (0x1) A process associated with the token cannot write to objects that have a greater mandatory integrity level.
TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN (0x2) A process created with the token has an integrity level that is the lesser of the parent-process integrity level and the executable-file integrity level.
TOKEN_MANDATORY_POLICY_VALID_MASK (0x3) A combination of TOKEN_MANDATORY_POLICY_NO_WRITE_UP and TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN.

See also

TOKEN_ACCESS_INFORMATION

View the official Windows Driver Kit DDI reference

Edit description on GitHub