Terminate a process running in other user's security context

delphi package - easy access to kernel objects etc.
SteveO
Posts: 5
Joined: Fri Jun 24, 2005 8:59 am

Post by SteveO »

Hi,
I'm trying to kill a desktop process from my application which a user will launch and my process will run in a different security context as the local administrator. For example if I launch notepad.exe using Run As I cannot terminate it with the following:
Process('notepad.exe').Terminate;
However when I launch notepad normally in my security context the above works. I've tried using PROCESS_ALL_ACCESS but can't figure out how to use it. The furthest I got is:
Process('notepad.exe').GetHandle(PROCESS_ALL_ACCESS)
but I'm stuck at this point.
Any ideas?
Thanks,
Steve
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

The reason for the problems might be insufficient privileges. Try the following code. After having called that, Process.Terminate might work.

Code:

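// Enables every privilege that the current process token already holds.
// Needs the Windows unit in the uses clause.
procedure EnableAllPrivileges;
type TTokenPrivileges = record
       PrivilegeCount : dword;
       Privileges     : array [0..maxInt shr 4 - 1] of TLUIDAndAttributes;
     end;
var c1  : THandle;  // handle of the process token
    c2  : dword;    // size of the token's privilege list in bytes
    i1  : integer;
    ptp : ^TTokenPrivileges;
begin
  if OpenProcessToken(windows.GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, c1) then
    try
      c2 := 0;
      // first call only reports the required buffer size in c2
      GetTokenInformation(c1, TokenPrivileges, nil, 0, c2);
      if c2 <> 0 then begin
        ptp := pointer(LocalAlloc(LPTR, c2 * 2));
        if ptp <> nil then begin
          if GetTokenInformation(c1, TokenPrivileges, ptp, c2 * 2, c2) then begin
            // mark each privilege in the list as enabled, then write the list back
            for i1 := 0 to integer(ptp^.PrivilegeCount) - 1 do
              ptp^.Privileges[i1].Attributes := ptp^.Privileges[i1].Attributes or SE_PRIVILEGE_ENABLED;
            AdjustTokenPrivileges(c1, false, PTokenPrivileges(ptp)^, c2, PTokenPrivileges(nil)^, cardinal(pointer(nil)^));
          end;
          // HLOCAL is pointer sized, so the cast does not truncate the address
          LocalFree(HLOCAL(ptp));
        end;
      end;
    finally CloseHandle(c1) end;
end;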
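
A narrower variant of the approach in the post above, as an added example that is not madshi's or madCollection's code: it enables one named privilege, verifies that the token really holds it, and drops it again once the privileged call is done. It assumes SeDebugPrivilege is the privilege the termination needed; `SetPrivilege` and the program name are made up for this example.

```delphi
program ScopedDebugPrivilege;
{$APPTYPE CONSOLE}

uses Windows;

// Enables or disables one named privilege in the current process token.
// Returns True only when the token holds the privilege and the change was applied.
function SetPrivilege(const Name: string; Enable: Boolean): Boolean;
var
  Token    : THandle;
  NewState : TTokenPrivileges;  // Windows.TTokenPrivileges has room for one entry
  OldState : TTokenPrivileges;  // receives the previous state of that entry
  RetLen   : DWORD;
begin
  Result := False;
  if not OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, Token) then
    Exit;
  try
    NewState.PrivilegeCount := 1;
    if Enable then
      NewState.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED
    else
      NewState.Privileges[0].Attributes := 0;
    if not LookupPrivilegeValue(nil, PChar(Name), NewState.Privileges[0].Luid) then
      Exit;
    RetLen := 0;
    if not AdjustTokenPrivileges(Token, False, NewState, SizeOf(OldState), OldState, RetLen) then
      Exit;
    // AdjustTokenPrivileges also returns True when the token does not hold the
    // privilege at all; GetLastError is then ERROR_NOT_ALL_ASSIGNED.
    Result := GetLastError = ERROR_SUCCESS;
  finally
    CloseHandle(Token);
  end;
end;

begin
  if SetPrivilege('SeDebugPrivilege', True) then
    try
      Writeln('SeDebugPrivilege enabled');
      // The privileged call goes here, for instance the
      // Process('notepad.exe').Terminate from the thread (madKernel, not used here).
    finally
      SetPrivilege('SeDebugPrivilege', False);  // drop the privilege again
    end
  else
    Writeln('SeDebugPrivilege is not held by this token or could not be enabled');
end.
```
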
SteveO
Posts: 5
Joined: Fri Jun 24, 2005 8:59 am

Post by SteveO »

madshi,

Many thanks. Once I enable all privileges with your code it now works fine. The peculiar thing is I tested on my home PC (XP SP2) and the original code worked fine. However my laptop is part of a corporate domain and has XP SP2 + lotsa hotfixes and it wouldn't work on that. However all is well when the extra privileges are added and I will now purchase madCollection tomorrow :-)
SteveO