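ACL acl;  // buffer for an empty DACL (no ACEs), which grants no access to anyone
BOOL B = InitializeAcl(&acl, sizeof acl, ACL_REVISION);
// Replace the current process's DACL with the empty one and block inherited ACEs
DWORD Xerr = SetSecurityInfo(GetCurrentProcess(), SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION | PROTECTED_DACL_SECURITY_INFORMATION, 0, 0, &acl, 0);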
This is my existing code and it works properly on Windows 2000. But on Windows XP, SetSecurityInfo() returns 0 (success), yet the user can still terminate the process from Task Manager.
Having two processes keeping each other alive, or having one process launch another, is not an option. The tool is run by a logon script from a network share, and without this process running, the company-wide internet filtering will deny all access to this user. The idea here is to keep curious users from terminating the unknown process and generating helpdesk calls.
Why is this not working on Windows XP and what is a good solution? I understand what DACLs do but using the SDK functions together to get what I want is more complex and maybe I'm not doing it right.