目的是防止本地用户帐户终止我的进程。 AFAIK,这是通过以管理员身份执行进程或提高进程的完整性来实现的。
目前,我正在使用 .exe 的 list 文件以管理员权限执行该进程。我的用户是管理员类型,只需在 UAC 提示中单击"is"即可。我希望摆脱这种麻烦,并以编程方式提高流程的完整性。但在下面的摘录中,SetTokenInformation()
出现错误“客户端不持有所需的权限”。我使用 UserRights.ps1 启用了所有权限但它仍然显示错误。
#include <stdio.h>
#include <windows.h>
#include <malloc.h>
void failure(const char *message, const int line)
{
char buf[256] = { 0 };
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&buf, sizeof(buf), NULL);
puts(buf);
exit(1);
}
int main(void)
{
HANDLE hToken;
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken) == 0)
failure("OpenProcessToken()", __LINE__);
ULONG cbSid = GetSidLengthRequired(1);
TOKEN_MANDATORY_LABEL tml = { { alloca(cbSid) } };
if (CreateWellKnownSid(WinHighLabelSid, NULL, tml.Label.Sid, &cbSid) == 0)
failure("CreateWellKnownSid()", __LINE__);
if (SetTokenInformation(hToken, TokenIntegrityLevel, &tml, sizeof(tml)) == 0)
failure("SetTokenInformation()", __LINE__);
CloseHandle(hToken);
getchar();
return 0;
}
Grant-UserRight DESKTOP-xxxxxxx\myusername SeTrustedCredManAccessPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeNetworkLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeTcbPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeMachineAccountPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeIncreaseQuotaPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeInteractiveLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeRemoteInteractiveLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeBackupPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeChangeNotifyPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSystemtimePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeTimeZonePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreatePagefilePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreateTokenPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreateGlobalPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreatePermanentPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeCreateSymbolicLinkPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeDebugPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeEnableDelegationPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeRemoteShutdownPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeAuditPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeImpersonatePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeIncreaseWorkingSetPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeIncreaseBasePriorityPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeLoadDriverPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeLockMemoryPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeBatchLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeServiceLogonRight Grant-UserRight DESKTOP-xxxxxxx\myusername SeSecurityPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeRelabelPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSystemEnvironmentPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeManageVolumePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeProfileSingleProcessPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSystemProfilePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeUndockPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeAssignPrimaryTokenPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeRestorePrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeShutdownPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeSyncAgentPrivilege Grant-UserRight DESKTOP-xxxxxxx\myusername SeTakeOwnershipPrivilege
最佳答案
我想您会发现这种行为是设计使然。如果任何进程都可以悄无声息地瞬间提升运行速度,那还会有什么安全性呢?
附录:Microsoft 知道如何执行此操作,但它是为 MMC 中的“设置”应用程序或“磁盘管理”等内容保留的。屏幕键盘 (OSK) 是另一种。这会在不提示用户的情况下运行提升。他们一套规则,我们一套规则,是吗?
关于c - 在没有 UAC 提示的情况下提高进程完整性,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51048090/