-
Jon © (08.03.09 14:17) [0]Does anyone have a working example of how to use the Win32 API function CreateRestrictedToken?
I am trying to create a process as a limited/restricted user, but I cannot get the above token created. -
MTsv DN (08.03.09 15:30) [1]
-
Jon © (08.03.09 16:35) [2]Thanks - but first link is in C++ (which I find confusing) and second link does not use CreateRestrictedToken...
-
MTsv DN (08.03.09 17:50) [3]I thought you want "create a process as a limited/restricted user"... function Process_RunAsSystem(ApplicationName: String; IntegrityLevel: TIntegrityLevel): Boolean; overload; and some functions such as _Process_RunAsSystem_1 are exist in unit RunAsSystem... Showing works with CreateProcessWithToken, GetTokenInformation and other... I thought these shall been useful for you...
-
jon © (08.03.09 18:08) [4]Understood - I shall try again. Thank you very much.
-
имя(09.04.09 21:42) [5]Удалено модератором -
Игорь © (21.04.09 08:08) [6]const
DISABLE_MAX_PRIVILEGE = $1;
function CreateRestrictedToken(ExistingTokenHandle: THandle; Flags: Longword;
DisableSidCount: Longword; var SidToDisable: SID_AND_ATTRIBUTES;
DeletePrivilegeCount: Longword; var PrivilegesToDelete: LUID_AND_ATTRIBUTES;
RestrictedSidCount: Longword; var SidToRestrict: SID_AND_ATTRIBUTES; var NewTokenHandle: THandle): Longword; stdcall; external 'Advapi32.dll' name 'CreateRestrictedToken';
procedure TForm1.Button1Click(Sender: TObject);
var
hToken, hNewToken: THandle;
SidToDisable, SidToRestrict: SID_AND_ATTRIBUTES;
PrivilegesToDelete: LUID_AND_ATTRIBUTES;
SI: STARTUPINFO;
PI: PROCESS_INFORMATION;
begin
OpenProcessToken(GetCurrentProcess, MAXIMUM_ALLOWED, hToken);
CreateRestrictedToken(hToken, DISABLE_MAX_PRIVILEGE, 0, SidToDisable, 0, PrivilegesToDelete, 0, SidToRestrict, hNewToken);
if ImpersonateLoggedOnUser(hNewToken) then
begin
ZeroMemory(@SI, SizeOf(SI));
SI.cb:= SizeOf(SI);
CreateProcessAsUser(hNewToken, PChar(Application.ExeName), '', nil, nil, False,
CREATE_DEFAULT_ERROR_MODE, nil, nil, SI, PI);
RevertToSelf;
end;
end;
| ДомойОсновная Компоненты FreePascal Начинающим KOL Игры Corba Media Журнал WinAPI Сети Прочее Базы .Net |
| Конференция "KOL" » CreateRestrictedToken | |
| ДомойОсновная Компоненты FreePascal Начинающим KOL Игры Corba Media Журнал WinAPI Сети Прочее Базы .Net |
Есть новые 
Нет новых [134431 +14][b:0][p:0.001]