Hello! A very strange problem.
My application is running under an administrator account + High Integrity Level.
It creates a process (just CreateProcess), and I expect the new process to be High Integrity Level too.
But this happens only if my application is not digitally signed. If it is signed, then the new process is created with Medium Integrity Level.
Perhaps this is due to the fact that I have TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN in the security token, and the file of the new process does not have an Integrity Level.
But I set High Integrity Level on the file too. It did not help. It is not possible to remove TOKEN_MANDATORY_POLICY_NEW_PROCESS_MIN from the token using SetInformationToken (TokenMandatoryPolicy), because the SE_TCB_NAME privilege cannot be granted. (Or I don't know how to do it.) The most amazing thing is that this only happens in the unsigned application. Without a digital signature, everything is OK.