Hello,

This is my first time posting������to this������mailing list.������ (This email is a bit long... sorry!)������ I am a developer writing Win32 code using Wine on Debian Linux.������ I tried to use the Win32 API function������GetTempPath2W(), but my Wine version does not support it.������ I checked out the Wine source code and found GetTempPathW() here:������dlls/kernelbase/file.c������ ... but did not find GetTempPath2W().

First, if this function is already in the pipeline (another feature branch, etc.), please������let me know... and ignore the rest of this email! :-)

From GetTempPathW() docs:������https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-gettemppathw
"Note: Apps should call GetTempPath2 instead of GetTempPath."

From GetTempPath2W() docs: "When calling this function from a process running as SYSTEM it will return the path C:\Windows\SystemTemp"

The implementation looks rather straightforward except this part: "process running as SYSTEM".������ How to detect this?������ I found a good blog post from (the legend) Raymond Chen:������https://devblogs.microsoft.com/oldnewthing/20210106-00/?p=104669

Sample code looks like this:
<<
#include <wil/token_helpers.h>

bool DoesTokenRepresentSid(HANDLE token, WELL_KNOWN_SID_TYPE type)
{
������// maps to GetTokenInformation(token, TokenUser, ...);
������auto user = wil::get_token_information<TOKEN_USER>(token);
������return !!IsWellKnownSid(user->User.Sid, type);
}

bool IsCurrentProcessRunningAsSystem()
{
������return DoesTokenRepresentSid(GetCurrentProcessToken(),
������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ WinLocalSystemSid);
}

bool IsCurrentThreadRunningAsSystem()
{
������return DoesTokenRepresentSid(GetCurrentThreadEffectiveToken(),
������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ ������ WinLocalSystemSid);
}
>>

Reading the WIL source code on������GitHub, I understand the required Win32 calls.������ In short, I plan to re-write the above same code using pure Win32 code (remove the WIL requirement).

My questions:
  1. Do you agree with Raymond Chen's technique for Wine source code?������ (Or: Is there a better way to do it for������Wine source code?)
  2. Should my SYSTEM account test use IsCurrentProcessRunningAsSystem() or IsCurrentThreadRunningAsSystem()?������ If I read the official docs literally, I think "process" not "thread".������ Please advise.
  3. Reading the WIL������code: TOKEN_INFORMATION_CLASS������TokenUser appears to require this pattern:
      1. Call GetTokenInformation() to get required buffer size
      2. malloc buffer
      3. Call GetTokenInformation() again with buffer
      4. Check: WinLocalSystemSid == ((TOKEN_USER *) buffer)->User.Sid
      5. free buffer
    1. Is there a way to avoid the above steps?������ malloc+free seems like overkill to decide if the current user is SYSTEM!
    2. Do I misunderstand the WIL code?������ Reading the Wine code for:������GetTokenInformation() ->������NtQueryInformationToken(): TOKEN_USER appears to be fixed size.������ Why does WIL think TOKEN_USER������is not fixed size?������ I am confused!������ :-)
Kind regards,
Kevin Connor ARPE
Tokyo, Japan