Hi,
I have a Windows Service that run with SYSTEM user.
When i create a new process in this process (using ShellExecute function) the new process got SYSTEM privilege too.
I want it'll run as current user privilege.
How can i done Any help
Hieu
How to change owner of a process or thread?
Hot Topic
- C4533 warning, "initialization skipped by goto"
- Run an external .exe program from VC++ 2005
- Bitmap -> blob
- Open a word file in Word using my application
- i want to be a developer
- Question about "RUNTIME_CLASS"
- help with error C2872: 'IServiceProvider' : ambiguous symbol with C++ code
- VC++ Debugging - skip standard library code?
- C++/CLI dll will not load in C# project (repost, with more info )
- VS Beta2 Compiler Warning
Visual C++
- Converting Project to Use msvcprt.lib instead of msvcirt.lib
- Slow link time
- Justification for forcing 'virtual' for overridden virtual functions
- Convert double to char
- Upgrading from VC++ 6.0 to VC++ 2005
- /clr Static Libs Possible / linking between mananged and unmanaged
- error C2664: 'CreateThread' : cannot convert parameter 3 from 'unsigned long (void *)' to 'unsigned long (__stdcall *)(void *)'
- What happened to the C++ language profiler?
- partitial template specialization for multi-template-class methodes
- is it x64 (?)
How to change owner of a process or thread?
dpilcher
By using Security function:
- OpenProcess
- SetSecurityInfo
So i can write the owner of the process.
But i when i user SetSecurityInfo function, it failed with error is ERROR_INVALID_OWNER
Here is my little code
HANDLE hCurrent = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId());
"explorer.exe")));HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetProcessIdFromImageName(_T(
PSID pSid;
DWORD dwPID = GetProcessIdFromImageName(_T("explorer.exe"));
HANDLE hToken;
OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, &hToken);
BYTE buf[512];
DWORD cb = sizeof(buf);
GetTokenInformation(hToken, TokenUser, buf, cb, &cb);
TCHAR szName[255];
DWORD dwName = 255;
TCHAR szDomain[255];
DWORD dwDomain = 255;
SID_NAME_USE snu;
LookupAccountSid(NULL, ((TOKEN_USER *)(buf))->User.Sid, szName, &dwName, szDomain, &dwDomain, &snu);
AfxMessageBox(szName);
DWORD dwError = SetSecurityInfo(hCurrent, SE_KERNEL_OBJECT, OWNER_SECURITY_INFORMATION, ((TOKEN_USER *)(buf))->User.Sid, NULL, NULL, NULL);
if (dwError != ERROR_SUCCESS)
{
CString sz;
sz.Format(_T("%d"), dwError);
::MessageBox(NULL, sz, "E2", MB_OK);
}
HINSTANCE hInstance = ShellExecute(NULL, NULL, "
http://www.yahoo.com", NULL, NULL, SW_SHOW);muyiwa taiwo
But you want to create a new process in a specific security context. You have to use CreateProcessAsUser. You can use AssocQueryString to find the application for a file to launch, like ShellExecute does.
-steinar-
But with application that open with DDE command, how can i pass to CreateProcessAsUser function (Ex: like Visual Studio)
Pumkiny
Because i want to be able to open a document instead of create a process.
Hieu
JustDizzy
Are you searching for CreateProcessAsUser
David Chicks - MSFT
Thanks,
Ayman Shoukry
VC++ Team
David Rogers
I have no other idea, that you start the process with CreateProcessAsUser than to initiate a DDE connection with the topic defined under topic in and perform the specific actions that are defined under DDEExec in Application. All this stuff is defined in the registry for the application.
So you only have a data file name and you want to launch it with the associated application like ShellExecute does, but with a different user. Sorry I do not now a complete function like ShellExecuteAsUser...