以用户身份创建流程

时间:2011-12-20 11:28:16

标签: visual-c++

我有一个以系统身份运行的服务。我正在创建一个流程,但该流程也在系统帐户下运行。

我想以用户身份运行该特定进程。为此,我使用了CreateProcessAsUser API。有什么问题?我复制了下面的代码。

void Create_Process()
{
    PHANDLE primaryToken = GetCurrentUserToken();
    if (primaryToken == 0)
    {
    return FALSE;
    }
    STARTUPINFO StartupInfo;
    PROCESS_INFORMATION processInfo;
    StartupInfo.cb = sizeof(STARTUPINFO);
    SECURITY_ATTRIBUTES Security1;
    SECURITY_ATTRIBUTES Security2;
    void* lpEnvironment = NULL; 
    // Get all necessary environment variables of logged in user
    // to pass them to the process
    BOOL resultEnv = CreateEnvironmentBlock(&lpEnvironment,primaryToken, FALSE);
    if (resultEnv == 0)
    { 
    long nError = GetLastError(); 
    }
    // Launch the process in the client's logon session.
    BOOL result= CreateProcessAsUser(
    primaryToken,            
    _T("c:\\windows\\system32\\abc.exe"),              
    NULL,     
    &Security1,              
    &Security2,              
    FALSE,             
    NORMAL_PRIORITY_CLASS | CREATE_UNICODE_ENVIRONMENT,  
    lpEnvironment,              
    NULL,              
    &StartupInfo,               
    &processInfo               
    );

}

PHANDLE GetCurrentUserToken()
{
    PHANDLE currentToken = 0;
    PHANDLE primaryToken = 0;
    int dwSessionId = 0;
    PHANDLE hUserToken = 0;
    PHANDLE hTokenDup = 0;
    PWTS_SESSION_INFO pSessionInfo = 0;
    DWORD dwCount = 0;
    // Get the list of all terminal sessions 
    WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pSessionInfo, &dwCount);
    int dataSize = sizeof(WTS_SESSION_INFO);
    // look over obtained list in search of the active session
    for (DWORD i = 0; i < dwCount; ++i)
    {
    WTS_SESSION_INFO si = pSessionInfo[i];
    if (WTSActive == si.State)
    {
    // If the current session is active – store its ID
    dwSessionId = si.SessionId;
    break;
    }
    }
    // Get token of the logged in user by the active session ID

    BOOL bRet = WTSQueryUserToken(dwSessionId, currentToken);
    if (bRet == false)
    {
    return 0;
    }

    bRet = DuplicateTokenEx(currentToken, TOKEN_ASSIGN_PRIMARY | TOKEN_ALL_ACCESS, 0, SecurityImpersonation, TokenPrimary, primaryToken);
    if (bRet == false)
    {
        return 0;
    }
    return primaryToken;
}

0 个答案:

没有答案