All geek questions in one place

CreateProcessAsUser vs ShellExecute

I need ShellExecutesomething as another user, I am currently running a helper process with CreateProcessAsUserone that calls ShellExecute, but this seems like too much of a hack (wrong parent process, etc.). Is there a better way to do this?

@PabloG: ImpersonateLoggedOnUser not working:

HANDLE hTok;
VERIFY (LogonUser ("otheruser", 0, "password", LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, & hTok));
VERIFY (ImpersonateLoggedOnUser (hTok));
ShellExecute (0,0, "calc.exe", 0,0, SW_SHOW);
RevertToSelf ();
CloseHandle (hTok);

will start to be calculated as a registered user, not "otheruser"

@ 1800 INFO: CreateProcess/ CreateProcessAsUserdoes not match ShellExecute, with UAC in Vista, it is CreateProcessuseless if you do not have control over which program the user is executing ( CreateProcesswill return with an error if you give it an exe file with a manifest marked as requireAdmin)

@Brian R. Bondy: I ​​already know this information (and don’t get me wrong, its good things), but it’s not a topic (IMHO) I ask ShellExecuteAsUser, and not another user, about starting processes, I already know how to do it.

+3
source share
4 answers

The solution really depends on your needs and can be quite complicated (thanks in full to Windows Vista). This will probably be beyond your needs, but it will help others who find this page through a search.

  • ,
  • , ,
  • ,

1: Windows Vista - 0. 0, 0. 1. (pre Vista) 0.

. 0 .

1), . 0.

: LogonUser, ExpandEnvironmentStringsForUser, GetLogonSID, LoadUserProfile, CreateEnvironmentBlock, CreateProcessAsUser.

Google

2: , , , : WTSEnumerateSessions WTSQuerySessionInformation, , WTSQueryUserToken, . API- CreateProcessAsUser Win32.

, / . , , .

WTSGetActiveConsoleSessionId.

3: , # 1, , STARTUPINFO lpDesktop. winsta0\Default. OpenDesktop Win32 API, , CreateDesktop. SetSecurityInfo SE_WINDOW_OBJECT GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION.

, , , .

4: , , . , , . , , . , , , , ExecutionLevel = "requireAdministrator"

:

  • SetTokenInformation TokenSessionId
  • .
  • , Vista .
+9

ShellExecute, :

C:\windwos\system32\cmd.exe /k" start <your_target_to_be_ShellExecuted>"   CreateProcessAsUser, .

+1

ShellExecute ImpersonateLoggedOnUser/RevertToSelf

links: ImpersonateLoggedOnUser: http://msdn.microsoft.com/en-us/library/aa378612(VS.85).aspx RevertToSelf: http://msdn.microsoft.com/en-us/library/aa379317.aspx

sorry cannot hyperlink urls using "()"

0
source

Why don't you just create a CreateProcessAsUser that defines the process you want to start?

You can also use SHCreateProcessAsUserW.

0
source

Source: https://habr.com/ru/post/1696580/

More articles:


All Articles