Перечисление групп процесса

← →
Игорь © (2009-07-24 14:25) [0]

Правильно ли такое перечисление групп процесса?

const SE_GROUP_MANDATORY = $00000001; SE_GROUP_ENABLED_BY_DEFAULT = $00000002; SE_GROUP_ENABLED = $00000004; SE_GROUP_OWNER = $00000008; SE_GROUP_USE_FOR_DENY_ONLY = $00000010; SE_GROUP_INTEGRITY = $00000020; SE_GROUP_INTEGRITY_ENABLED = $00000040; SE_GROUP_RESOURCE = $20000000; SE_GROUP_LOGON_ID = $C0000000; procedure TForm1.EnumProcessGroups(PID: DWORD); const TokenSize = $1000; var hProcess, hToken: THandle; pTokenInfo: PTokenGroups; i, j: Integer; pName, pDomain: array[0..255] of Char; LastError, ReturnLength, SIDType: Cardinal; Group: PSIDAndAttributes; begin hProcess:= OpenProcess(MAXIMUM_ALLOWED, False, PID); if hProcess <> 0 then begin try if OpenProcessToken(hProcess, MAXIMUM_ALLOWED, hToken) then begin try GetMem(pTokenInfo, TokenSize); try if GetTokenInformation(hToken, TokenGroups, pTokenInfo, TokenSize, ReturnLength) then begin Group:= PSIDAndAttributes(PAnsiChar(pTokenInfo) + SizeOf(Cardinal)); for i:= 0 to pTokenInfo.GroupCount - 1 do begin FillChar(pName, SizeOf(pName), 0); FillChar(pDomain, SizeOf(pDomain), 0); j:= 0; repeat LookupAccountSID(nil, Group.Sid, PChar(@pName), ReturnLength, PChar(@pDomain), ReturnLength, SIDType); LastError:= GetLastError; Inc(j); until (string(pName) <> "") or (LastError = ERROR_NONE_MAPPED); with Form1.ListView1.Items.Add do begin Caption:= String(pDomain) + "\" + String(pName); SubItems.Add(""); if Group.Attributes and SE_GROUP_OWNER = SE_GROUP_OWNER then ListView1.Items[i].SubItems[0]:= "Owner"; if Group.Attributes and SE_GROUP_MANDATORY = SE_GROUP_MANDATORY then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ Mandatory"; if Group.Attributes and SE_GROUP_USE_FOR_DENY_ONLY = SE_GROUP_USE_FOR_DENY_ONLY then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ Deny"; if Group.Attributes and SE_GROUP_LOGON_ID = SE_GROUP_LOGON_ID then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ LogonID"; if Group.Attributes and SE_GROUP_INTEGRITY = SE_GROUP_INTEGRITY then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ Integrity"; if Group.Attributes and SE_GROUP_INTEGRITY_ENABLED = SE_GROUP_INTEGRITY_ENABLED then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "/ IntegrityEnabled"; if Group.Attributes and SE_GROUP_INTEGRITY = SE_GROUP_ENABLED then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ Enabled"; if Group.Attributes and SE_GROUP_INTEGRITY_ENABLED = SE_GROUP_ENABLED_BY_DEFAULT then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ EnabledByDefault"; if Group.Attributes and SE_GROUP_RESOURCE = SE_GROUP_RESOURCE then ListView1.Items[i].SubItems[0]:= ListView1.Items[i].SubItems[0] + "\ Resource"; end; Group:= PSIDAndAttributes(PAnsiChar(Group) + SizeOf(TSIDAndAttributes)); end; end; finally FreeMem(pTokenInfo); end; finally CloseHandle(hToken); end; end; finally CloseHandle(hProcess); end; end; end; procedure TForm1.FormCreate(Sender: TObject); begin EnumProcessGroups(GetCurrentProcessId); end;

← →
Eraser © (2009-07-24 18:40) [1]

сравни полученный результат с показаниями Process Explorer"а - вот и ответ.

Перечисление групп процесса Найти похожие ветки