?
Solved

Create process as user SYSTEM

Posted on 2006-05-04
8
Medium Priority
?
1,051 Views
Last Modified: 2008-02-01
Hi,

(win32 console project on win2000/XP)

I'm still having problems accessing an event that was created by a process running as SYSTEM. Processes running as other users cannot seem to access those named events. So I have two small command line programs for testing. But how can I run the creator test program as SYSTEM? I thought I could make a 3rd app which just calls CreateProcess(), and in there specify which user to run as? Here are the 2 programs I have:

// Creator, should be run as SYSTEM //

#include <windows.h>
#include <atlbase.h>
#include <fstream>
#include <iostream>

using namespace std;

int main()
{
    char szEventProcessName[65];
    _snprintf(szEventProcessName, 64, "MY_NAMED_EVENT");


    // For our pause and cancel events, we need to specify global security rights, otherwise
    // the server monitor won't be able to access them.
    PSID                        psidWorldSid = NULL;
    SECURITY_DESCRIPTOR         sd;
    SECURITY_ATTRIBUTES         sa;
    SID_IDENTIFIER_AUTHORITY    siaWorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY;
    DWORD                       dwCreate = 0;
    psidWorldSid =  (PSID)LocalAlloc(LPTR, GetSidLengthRequired(1));
    InitializeSid(psidWorldSid, &siaWorldSidAuthority, 1);
    *(GetSidSubAuthority(psidWorldSid, 0)) = SECURITY_WORLD_RID;
    InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
    SetSecurityDescriptorGroup(&sd, psidWorldSid, TRUE);
    ZeroMemory(&sa, sizeof(SECURITY_ATTRIBUTES));
    sa.nLength              =  sizeof(SECURITY_ATTRIBUTES);
    sa.lpSecurityDescriptor =  &sd;
    sa.bInheritHandle       =  FALSE;

    ofstream olog("C:\\zsecurity.txt");

    // Open the named, manual reset process event. This should be initially signaled.
    // The UI should call ResetEvent() to cause the processing to pause.
    HANDLE hEventProcess = CreateEvent(&sa, TRUE, FALSE, szEventProcessName);
    if (hEventProcess == NULL) {
        olog << "Could not create process (pause) event: [" << GetLastError() << "]." << endl;
        return 1;
    }
    else {
        olog << "Event created ok." << endl;
    }

    // Now just wait until we're signaled.
    // Is hEventProcess signaled? If so we may continue, otherwise we will just be paused here.
    if (WaitForSingleObject(hEventProcess, INFINITE) == WAIT_OBJECT_0) {
        // After this condition is met, we know they chose to resume.
        olog << "The event was signaled!" << endl;
    }

    return 0;
}



// Accessor, running as some other user.

#include <windows.h>
#include <atlbase.h>

int main()
{
    HANDLE hEvent = OpenEvent(EVENT_MODIFY_STATE, FALSE, "MY_NAMED_EVENT");
    if (hEvent != NULL) {

        ATLTRACE("The event was opened successfully!\n");

        // Try to set the event now.
        if (SetEvent(hEvent) == 0) {
            ATLTRACE("Setting the event failed! GLE: [%i].\n", GetLastError());
        }
        else {
            ATLTRACE("Setting the event was successful!\n");
            CloseHandle(hEvent);
        }
    }
    else {
        ATLTRACE("Couldn't set event, GLE: [%i].\n", GetLastError());
    }

    return 0;
}
0
Comment
Question by:minnirok
  • 4
  • 4
8 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 16606386
>>But how can I run the creator test program as SYSTEM?

Start it from a running Windows Service. Everything else will be hacky.
0
 
LVL 7

Author Comment

by:minnirok
ID: 16606414
How can I do that jkr?

Thanks
0
 
LVL 86

Expert Comment

by:jkr
ID: 16606500
Well, from the service, just call 'CreateProcess()' to run the program. See http://msdn.microsoft.com//library/en-us/dndllpro/html/msdn_ntservic.asp ("Creating a Simple Win32 Service in C++") on how to create such a service. You could just create a service that has only one purpose - launching your program upon a control request. Regarding that, see see http://msdn.microsoft.com/library/en-us/dllproc/base/service_control_program_tasks.asp ("Service Control Program Tasks")
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Author Comment

by:minnirok
ID: 16606545
Ah there was an easy project to do it as well on code project:

    http://www.codeproject.com/system/xyntservice.asp

now that it's running I am getting the error:

    ERROR_ACCESS_DENIED

when trying to open the event from my second command line app running as some admin user! I'm still completely stumped on this, I thought the security attribute stuff was working at this point. Any ideas?
0
 
LVL 86

Accepted Solution

by:
jkr earned 2000 total points
ID: 16606614
It should work - you could additionally try http://support.microsoft.com/default.aspx?scid=kb;en-us;193073 ("How To Modify Default DACL for Sharing Objects") or set a NULL DACL on the object using

SetSecurityDescriptorDacl(&sd, TRUE, NULL, TRUE);

which permits all types of access to all users (see http://msdn.microsoft.com/library/en-us/secbp/security/creating_a_dacl.asp - "Creating a DACL" for the caveats, though)
0
 
LVL 7

Author Comment

by:minnirok
ID: 16606755
Oh wow - calling

    SetSecurityDescriptorDacl(&sd, TRUE, NULL, TRUE);

seems to have made it work now - it actually was able to set the event. Let me just give it a try in the actual application I need to use it in.

Thanks
0
 
LVL 7

Author Comment

by:minnirok
ID: 16608739
looks like that did it, thanks!
0
 
LVL 86

Expert Comment

by:jkr
ID: 16608767
You're most welcome - I hope you read the 'caveats' also ;o)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Templates For Beginners Or How To Encourage The Compiler To Work For You Introduction This tutorial is targeted at the reader who is, perhaps, familiar with the basics of C++ but would prefer a little slower introduction to the more ad…
This article shows you how to optimize memory allocations in C++ using placement new. Applicable especially to usecases dealing with creation of large number of objects. A brief on problem: Lets take example problem for simplicity: - I have a G…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question