CreateProcessWithTokenW succeeds but is not using the token

Question

Hello,

I am using CreateProcessWithTokenW to create a process with a logged on user token in a different session.  The call succeeds, but the process is created in the current session instead of the token's session.  In this case, I am calling CPWTW from a service running in the SYSTEM account (session 0), and the token was taken from winlogon.exe in session 1.

I called GetTokenInformation right before the call to CPWTW, and can clearly see that the session ID in the token is correct (session 1), but the process is still created in session 0.

CreateProcessAsUser at the same place with similar parameters works and creates the process in same session as the token.  But I would like to understand why CPWTW doesn't work in this scenario.

The call is as follows:

bResult = pfnCreateProcessWithTokenW(hNewToken, LOGON_WITH_PROFILE,

NULL, wszCmdLine,

dwCreationFlags, pEnv, NULL, &si, &pi);

With

dwCreationFlags == CREATE_UNICODE_ENVIRONMENT | NORMAL_PRIORITY_CLASS;
pEnv retrieved with CreateEnvironment.
si.lpDesktop == "Winsta0\\default";


Any ideas?

Answer 1

I took a quick peek at the code.

Both CreateProcessWithTokenW and CreateProcessWithLogonW create the process in the session of the caller.

---

This posting is provided "AS IS" with no warranties, and confers no rights.

Answer 2

Well, that certainly explains it.  Thanks for looking into this and responding.  In case somebody finds it helpful, I've written a blog about some of the common uses of CreateProcessAsUser and CreateProcessWithTokenW here:  http://www.blackfishsoftware.com/blog/don/creating_processes_sessions_integrity_levels