search

Windows mandatory integrity control

Allows mandatory (priority and critical) access control enforcement before evaluating DACLs.

  • If access is denied, DACLs are not evaluated.

  • If access is allowed, DACLs are evaluated.

hashtag
Integrity labels

  • Untrusted

  • Low (or AppContainer)

  • Medium (default)

  • Medium Plus

  • High

  • System

  • Protected Process

hashtag
Users

  • Medium: standard users.

  • High: elevated users.

hashtag
Process integrity level

  • The minimum is associated with the owner and the executable file.

  • User processes usually are Medium or High.

    • Except if executing Low-labeled executables.

  • Service processes: High.

hashtag
Securable objects mandatory label

  • NO_WRITE_UP (default)

  • NO_READ_UP

  • NO_EXECUTE_UP

Last updated