提升进程权限会产生一个 shell(总共 2 个),但只需要 1 个?

时间:2013-08-06 21:10:00

标签: c++ visual-c++ process privileges elevation

按照我之前的问题(here),现在我得到了两个 shell:一个父 shell(未提升权限)和一个子 shell(已提升权限)。需要怎么做才能让代码只产生一个提升权限的 shell?例如,如何以某种方式关闭父进程?

/// @brief Reports whether the built-in Administrators group is enabled in the
///        token that CheckTokenMembership evaluates for the caller.
///
/// Passing NULL as the token handle makes CheckTokenMembership use the calling
/// thread's impersonation token, or the process token when the thread is not
/// impersonating. Under UAC an unelevated administrator's filtered token
/// carries the group as deny-only, so the result is FALSE until the process
/// has actually been elevated.
///
/// @return TRUE when the Administrators SID is enabled, FALSE otherwise.
/// @throws DWORD The GetLastError() code when the SID cannot be built or the
///         membership query fails.
BOOL IsAppRunningAsAdminMode()
{
    BOOL isAdminMember = FALSE;
    DWORD lastError = ERROR_SUCCESS;
    PSID adminsSid = NULL;
    SID_IDENTIFIER_AUTHORITY ntAuthority = SECURITY_NT_AUTHORITY;

    // Build the well-known SID S-1-5-32-544 (BUILTIN\Administrators).
    if (AllocateAndInitializeSid(
            &ntAuthority,
            2,
            SECURITY_BUILTIN_DOMAIN_RID,
            DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0,
            &adminsSid))
    {
        // Capture the error code before any cleanup call can overwrite it.
        if (!CheckTokenMembership(NULL, adminsSid, &isAdminMember))
        {
            lastError = GetLastError();
        }
    }
    else
    {
        lastError = GetLastError();
    }

    // Release the SID on every path, success or failure.
    if (adminsSid != NULL)
    {
        FreeSid(adminsSid);
        adminsSid = NULL;
    }

    // Failures are surfaced to the caller as the raw Win32 error code.
    if (lastError != ERROR_SUCCESS)
    {
        throw lastError;
    }

    return isAdminMember;
}


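int main() {

    // IsAppRunningAsAdminMode() reports Win32 failures by throwing the DWORD
    // error code; left uncaught, that would terminate the process, so it is
    // handled here and turned into a non-zero exit code.
    BOOL fIsRunAsAdmin = FALSE;
    try
    {
        fIsRunAsAdmin = IsAppRunningAsAdminMode();
    }
    catch (DWORD dwCheckError)
    {
        std::cerr << "Elevation check failed, error " << dwCheckError << std::endl;
        return 1;
    }

    if (!fIsRunAsAdmin)
    {
        // The buffer and the "runas" verb are wide strings, so the explicit
        // W variants are used instead of relying on UNICODE being defined.
        wchar_t szPath[MAX_PATH];
        const DWORD cchPath = GetModuleFileNameW(NULL, szPath, ARRAYSIZE(szPath));

        // A return value equal to the buffer size means the path was truncated.
        // A truncated path must never be handed to an elevated launch, because
        // it may name a different file than this executable.
        if (cchPath == 0 || cchPath >= ARRAYSIZE(szPath))
        {
            std::cerr << "Could not determine the executable path; not elevating" << std::endl;
        }
        else
        {
            // Relaunch this executable through the UAC consent prompt.
            // lpParameters is not set, so the elevated copy starts without
            // the command-line arguments of this instance.
            SHELLEXECUTEINFOW sei = { sizeof(sei) };
            sei.lpVerb = L"runas";
            sei.lpFile = szPath;
            sei.hwnd = NULL;
            sei.nShow = SW_NORMAL;
            if (ShellExecuteExW(&sei))
            {
                // The elevated copy is now running. Leave the unelevated parent
                // here so that only one instance carries on with the real work.
                return 0;
            }

            const DWORD dwError = GetLastError();
            if (dwError == ERROR_CANCELLED)
            {
                // The user refused to allow privileges elevation.
                std::cout << "User did not allow elevation" << std::endl;
            }
            else
            {
                std::cerr << "Elevation failed, error " << dwError << std::endl;
            }
        }
    }

    // Reached when the process is already elevated, or when elevation could not
    // be obtained. In the second case the code below runs unelevated, so it
    // must not assume administrative rights.
    //other code following omitted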

0 个答案:

没有答案