PROCESS_MITIGATION_DYNAMIC_CODE_POLICY structure

Contains process mitigation policy settings for restricting dynamic code generation and modification.

Syntax

C++
Copy 

typedef struct _PROCESS_MITIGATION_DYNAMIC_CODE_POLICY {
  union {
    DWORD  Flags;
    struct {
      DWORD ProhibitDynamicCode  :1;
      DWORD AllowThreadOptOut  :1;
      DWORD AllowRemoteDowngrade  :1;
      DWORD ReservedFlags  :30;
    };
  };
} PROCESS_MITIGATION_DYNAMIC_CODE_POLICY, *PPROCESS_MITIGATION_DYNAMIC_CODE_POLICY;

Members

Flags

Reserved for system use.

ProhibitDynamicCode

Set (0x1) to prevent the process from generating dynamic code or modifying existing executable code; otherwise leave unset (0x0).

AllowThreadOptOut

Set (0x1) to allow threads to opt out of the restrictions on dynamic code generation by calling the SetThreadInformation function with the ThreadInformation parameter set to ThreadDynamicCodePolicy; otherwise leave unset (0x0). You should not use the AllowThreadOptOut and ThreadDynamicCodePolicy settings together to provide strong security. These settings are only intended to enable applications to adapt their code more easily for full dynamic code restrictions.

AllowRemoteDowngrade

Set (0x1) to allow non-AppContainer processes to modify all of the dynamic code settings for the calling process, including relaxing dynamic code restrictions after they have been set.

ReservedFlags

Reserved for system use.

Requirements

Minimum supported client

Windows 8.1 [desktop apps only]

Minimum supported server

Windows Server 2016 [desktop apps only]

Header
WinNT.h

See also

GetProcessMitigationPolicy
SetProcessMitigationPolicy

 

 

Show: