Need a single-process solution to prevent a normal user from terminating my process via Task Manager preferably by removing security rights from it.  Admins are ok.  WinXP solution needed.

Posted on 2006-04-13
Last Modified: 2013-12-04
ACL acl;
BOOL B = InitializeAcl(&acl, sizeof acl, ACL_REVISION);

This is my existing code and it works properly on Windows 2000.  But on Windows XP, SetSecurityInfo() returns 0 (success) but the user can still terminate the process from task manager.

Having two processes keeping each other alive, or having one process launch another, is not an option.  The tool is run on logon-script from a network share and without this process running, the company-wide internet filtering will deny all access to this user.  The idea here is to keep curious users from terminating the unknown process and generating helpdesk calls.

Why is this not working on Windows XP and what is a good solution?  I understand what DACLs do but using the SDK functions together to get what I want is more complex and maybe I'm not doing it right.
- Max
Question by:MaxRCannaday

    Accepted Solution

    As far as I can tell the


    part only prevents the process from inheriting access control entries, but the user is still the owner of the process and can thus terminate it. Maybe this behaviour is different from Windows 2000. All I know from SetSecurityInfo is from here:

    Can you set the owner to S-1-5-32-544 (Administrators SID) so users are not the owner of the process anymore?
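
Why ownership matters here, as an added example that is not code from the thread or from either poster: a simplified, portable C model of the Windows access check, in which the owner of an object is implicitly granted READ_CONTROL and WRITE_DAC even when the DACL is empty. It generalizes slightly to ordered allow/deny ACEs. The struct and function names and every SID except S-1-5-32-544 are assumptions made for illustration, and privileges such as SeDebugPrivilege are not modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Access-mask bits, with the values winnt.h gives them. */
#define PROCESS_TERMINATE 0x0001u
#define READ_CONTROL      0x00020000u
#define WRITE_DAC         0x00040000u
#define ADMINS_SID "S-1-5-32-544"        /* Administrators, from the answer */
#define USER_SID   "S-1-5-21-1-2-3-1001" /* constructed sample user SID */

typedef struct { int deny; const char *sid; uint32_t mask; } Ace;
typedef struct { const char *owner; const Ace *dacl; size_t n; } SecDesc;
typedef struct { const char *sids[2]; size_t n; } Token;

/* Constructed sample data: the question's empty DACL vs. an admin-owned process. */
static const Ace EMPTY_DACL[1] = {{0, "", 0}};  /* used with n = 0 */
static const Ace ADMIN_DACL[1] = {{0, ADMINS_SID, PROCESS_TERMINATE | WRITE_DAC}};
const SecDesc SD_USER_OWNED  = { USER_SID,   EMPTY_DACL, 0 };
const SecDesc SD_ADMIN_OWNED = { ADMINS_SID, ADMIN_DACL, 1 };
const Token TOK_USER  = { { USER_SID, NULL }, 1 };
const Token TOK_ADMIN = { { "S-1-5-21-1-2-3-500", ADMINS_SID }, 2 };

static int token_has(const Token *t, const char *sid) {
    for (size_t i = 0; i < t->n; i++)
        if (strcmp(t->sids[i], sid) == 0) return 1;
    return 0;
}

/* Returns 1 if every bit in `desired` is granted. Privileges are not modelled. */
int access_check(const SecDesc *sd, const Token *t, uint32_t desired) {
    uint32_t granted = 0;
    if (sd->dacl == NULL) return 1;           /* NULL DACL: full access */
    if (token_has(t, sd->owner))              /* implicit owner rights */
        granted |= READ_CONTROL | WRITE_DAC;
    for (size_t i = 0; i < sd->n; i++) {      /* ACEs are evaluated in order */
        const Ace *a = &sd->dacl[i];
        if (!token_has(t, a->sid)) continue;
        if (!a->deny) granted |= a->mask;
        else if (a->mask & desired & ~granted) return 0;
    }
    return (desired & ~granted) == 0;
}

/* A caller holding WRITE_DAC can grant itself PROCESS_TERMINATE afterwards. */
int can_reach_terminate(const SecDesc *sd, const Token *t) {
    return access_check(sd, t, PROCESS_TERMINATE) || access_check(sd, t, WRITE_DAC);
}
```

With the user as owner, the empty DACL refuses PROCESS_TERMINATE directly but still leaves WRITE_DAC available; with Administrators as owner, the same user is refused both.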

    Author Comment

    Generally speaking, when giving answers, it would be nice if examples on how to do it (properly) were included.  But this general answer was enough for me to solve the problem with a fair amount of research to figure out how to change the owner.

    Thanks for the help.

    Expert Comment

    I'm not a programmer ;-)
