目标是防止本地用户帐户杀死我的进程。 AFAIK,可以通过以管理员身份执行流程或提高流程的完整性来实现。
当前,我正在使用.exe的清单文件以管理员权限执行该过程。我的用户是管理员类型,只需在UAC提示上单击“是”即可。我希望摆脱这种麻烦,以编程的方式提高我的流程的完整性。但是在以下摘录中,SetTokenInformation()出现错误“客户端未拥有所需的特权”。我使用UserRights.ps1启用了所有特权,但仍然显示错误。
#include <stdio.h>
#include <windows.h>
#include <malloc.h>
void failure(const char *message, const int line)
{
char buf[256] = { 0 };
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&buf, sizeof(buf), NULL);
puts(buf);
exit(1);
}
int main(void)
{
HANDLE hToken;
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken) == 0)
failure("OpenProcessToken()", __LINE__);
ULONG cbSid = GetSidLengthRequired(1);
TOKEN_MANDATORY_LABEL tml = { { alloca(cbSid) } };
if (CreateWellKnownSid(WinHighLabelSid, NULL, tml.Label.Sid, &cbSid) == 0)
failure("CreateWellKnownSid()", __LINE__);
if (SetTokenInformation(hToken, TokenIntegrityLevel, &tml, sizeof(tml)) == 0)
failure("SetTokenInformation()", __LINE__);
CloseHandle(hToken);
getchar();
return 0;
}
Grant-UserRight DESKTOP-xxxxxxx\myusername SeTrustedCredManAccessPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeNetworkLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeTcbPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeMachineAccountPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeIncreaseQuotaPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeInteractiveLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeRemoteInteractiveLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeBackupPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeChangeNotifyPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSystemtimePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeTimeZonePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreatePagefilePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreateTokenPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreateGlobalPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreatePermanentPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreateSymbolicLinkPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeDebugPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeEnableDelegationPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeRemoteShutdownPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeAuditPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeImpersonatePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeIncreaseWorkingSetPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeIncreaseBasePriorityPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeLoadDriverPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeLockMemoryPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeBatchLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeServiceLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeSecurityPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeRelabelPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSystemEnvironmentPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeManageVolumePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeProfileSingleProcessPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSystemProfilePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeUndockPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeAssignPrimaryTokenPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeRestorePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeShutdownPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSyncAgentPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeTakeOwnershipPrivilege
答案 0 :(得分:2)
我认为您会发现这种行为是设计使然。如果有任何程序可以一at不振地默默运行,那会有什么安全性?
附录:Microsoft知道如何执行此操作,但它保留用于MMC中的“设置”应用程序或“磁盘管理”。屏幕键盘(OSK)是另一个。无需提示用户即可提升运行速度。他们的一条规则,我们的一条规则,是吗?