进程所有者无法终止CreateProcessAsUser API创建的进程

时间:2017-10-09 03:40:55

标签: winapi createprocessasuser

我有一个以本地系统帐户开头的Windows服务。在此服务中,它使用CreateProcessAsUser API以 user1 帐户创建新流程。创建过程后:

  1. 管理员的身份登录系统,我发现该进程的所有者是 user1 ,我可以停止/恢复/终止该进程。

  2. user1 身份登录系统,但我无法停止/恢复/终止该过程,并且我得到了“拒绝访问”#34;错误。为什么呢?

  3. 这是我的测试代码:

    import os
    import psutil
    import win32process
    import win32security
    import win32con
    import win32api
    import win32file
    
    
    def log(msg):
        with open('C:\\test\\my.log', 'a') as f:
            f.write(msg)
            f.write('\n')
    
    username = 'user1'
    password = 'user1'
    domain = 'testpc'
    
    
    try:
        token = win32security.LogonUser (
            username,
            domain,
            password,
            win32con.LOGON32_LOGON_SERVICE,
            win32con.LOGON32_PROVIDER_DEFAULT
        )
        win32security.ImpersonateLoggedOnUser(token)
    
        cmd = "ping -n 600 localhost"
        cwd = 'c:\\test'
        env = os.environ
    
        dwCreationFlags = win32con.NORMAL_PRIORITY_CLASS
        startup = win32process.STARTUPINFO()
    
        (hProcess, hThread, dwProcessId, dwThreadId) = \
            win32process.CreateProcessAsUser(token, None, cmd, None, None, True,
                                             dwCreationFlags, env, cwd, startup)
        log("hProcess=%s, hThread=%s, dwProcessId=%s, dwThreadId=%s" % (hProcess, hThread, dwProcessId, dwThreadId))
    
        process = psutil.Process(dwProcessId)
        log('process: %s' % process)
    
        return_code = process.wait()
    
        win32file.CloseHandle(hThread)
        win32file.CloseHandle(hProcess)
    except win32security.error as e:
        log(e)
    

    有人可以帮助我吗?非常感谢。

0 个答案:

没有答案