我将函数GetProcessHandleAndID()写成如下代码:
bool GetProcessHandleAndID( char* _processName, PROCESS_INFORMATION* _processInfo /* out */ )
{
HANDLE SnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( SnapShot == INVALID_HANDLE_VALUE )
{
return false;
}
PROCESSENTRY32 procEntry;
procEntry.dwSize = sizeof( PROCESSENTRY32 );
if( !Process32First( SnapShot, &procEntry ) )
{
CloseHandleSafely(SnapShot);
return false;
}
do
{
if( strcmp( procEntry.szExeFile, _processName ) == 0 )
{
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, procEntry.th32ProcessID);
if(hProcess != NULL)
{
_processInfo->hProcess = hProcess;
_processInfo->dwProcessId = procEntry.th32ProcessID;
CloseHandleSafely(SnapShot);
return true;
}
}
}
while( Process32Next( SnapShot, &procEntry ) );
CloseHandleSafely(SnapShot);
return false;
}
OpenProcess(PROCESS_ALL_ACCESS, FALSE, procEntry.th32ProcessID)在管理员帐户中工作正常,但在普通帐户上运行时,NULL会返回GetLastError() = 5 = Access_Denied。
请注意,我在EnableDebugPriv()之前调用了函数GetProcessHandleAndID()。
void EnableDebugPriv()
{
HANDLE hToken;
LUID luid;
TOKEN_PRIVILEGES tkp;
OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken);
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid);
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Luid = luid;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, false, &tkp, sizeof(tkp), NULL, NULL);
CloseHandle(hToken);
}
我已经搜索并阅读了有关此错误的更多信息,但我不知道如何让它在普通用户上正常运行而不是“以管理员身份运行”!
非常感谢,
T& T公司