Главная страница
Top.Mail.Ru    Яндекс.Метрика
Текущий архив: 2011.12.25;
Скачать: CL | DM;

Вниз

CreateRestrictedToken   Найти похожие ветки 

 
Jon ©   (2009-03-08 14:17) [0]

Does anyone have a working example of how to use the Win32 API function CreateRestrictedToken?

I am trying to create a process as a limited/restricted user, but I cannot get the above token created.


 
MTsv DN   (2009-03-08 15:30) [1]

Try this:
http://www.codeproject.com/KB/system/RunUser.aspx

or this:
http://www.sendspace.com/file/u8m73f


 
Jon ©   (2009-03-08 16:35) [2]

Thanks - but first link is in C++ (which I find confusing) and second link does not use CreateRestrictedToken...


 
MTsv DN   (2009-03-08 17:50) [3]

I thought you want "create a process as a limited/restricted user"... function Process_RunAsSystem(ApplicationName: String; IntegrityLevel: TIntegrityLevel): Boolean; overload; and some functions such as _Process_RunAsSystem_1 are exist in unit RunAsSystem... Showing works with CreateProcessWithToken, GetTokenInformation and other... I thought these shall been useful for you...


 
jon ©   (2009-03-08 18:08) [4]

Understood - I shall try again. Thank you very much.


 
имя   (2009-04-09 21:42) [5]

Удалено модератором


 
Игорь ©   (2009-04-21 08:08) [6]

const
 DISABLE_MAX_PRIVILEGE = $1;

function CreateRestrictedToken(ExistingTokenHandle: THandle; Flags: Longword;
 DisableSidCount: Longword; var SidToDisable: SID_AND_ATTRIBUTES;
 DeletePrivilegeCount: Longword; var PrivilegesToDelete: LUID_AND_ATTRIBUTES;
 RestrictedSidCount: Longword; var SidToRestrict: SID_AND_ATTRIBUTES; var NewTokenHandle: THandle): Longword; stdcall; external "Advapi32.dll" name "CreateRestrictedToken";

procedure TForm1.Button1Click(Sender: TObject);
var
 hToken, hNewToken: THandle;
 SidToDisable, SidToRestrict: SID_AND_ATTRIBUTES;
 PrivilegesToDelete: LUID_AND_ATTRIBUTES;
 SI: STARTUPINFO;
 PI: PROCESS_INFORMATION;
begin
 OpenProcessToken(GetCurrentProcess, MAXIMUM_ALLOWED, hToken);
 CreateRestrictedToken(hToken, DISABLE_MAX_PRIVILEGE, 0, SidToDisable, 0, PrivilegesToDelete, 0, SidToRestrict, hNewToken);
 if ImpersonateLoggedOnUser(hNewToken) then
 begin
   ZeroMemory(@SI, SizeOf(SI));
   SI.cb:= SizeOf(SI);
   CreateProcessAsUser(hNewToken, PChar(Application.ExeName), "", nil, nil, False,
     CREATE_DEFAULT_ERROR_MODE, nil, nil, SI, PI);
   RevertToSelf;
 end;
end;



Страницы: 1 вся ветка

Текущий архив: 2011.12.25;
Скачать: CL | DM;

Наверх




Память: 0.48 MB
Время: 0.009 c
15-1315168547
Германн
2011-09-05 00:35
2011.12.25
Ещё один глупый вопрос.


10-1176059747
Vladimir8
2007-04-08 23:15
2011.12.25
Поставить нужный тип свойства в Type-library editor


1-1278219470
revo
2010-07-04 08:57
2011.12.25
Занят файл или нет


15-1315380382
user1987
2011-09-07 11:26
2011.12.25
Помогите разобраться с Post данными


2-1315895287
KIR@PRO
2011-09-13 10:28
2011.12.25
TComboBox vs PStrings