none
驱动保护进程 RRS feed

全部回复

  • Hi M360xc,

    感谢在MSDN论坛发帖。

    据我所知,每个进程在被创建的时候,就会设置一些访问安全等级。这样就会保护这个进程的资源不被其他进程访问到。

    所以你可以尝试这样的方式来保护进程不被非法入侵。

    下面是一个代码的实例,希望对你有帮助。

    // Auth Identity structure
    SEC_WINNT_AUTH_IDENTITY_W        authidentity;
    SecureZeroMemory( &authidentity, sizeof(authidentity) );
    
    authidentity.User = L"MyUser";
    authidentity.UserLength = wcslen( authidentity.User );
    authidentity.Domain = L"MyDomain ";
    authidentity.DomainLength = wcslen( authidentity.Domain );
    authidentity.Password = L"";
    authidentity.PasswordLength = wcslen( authidentity.Password );
    authidentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
    
    SecureZeroMemory( authninfo, sizeof(SOLE_AUTHENTICATION_INFO)*2 );
    
    // NTLM Settings
    authninfo[0].dwAuthnSvc = RPC_C_AUTHN_WINNT;
    authninfo[0].dwAuthzSvc = RPC_C_AUTHZ_NONE;
    authninfo[0].pAuthInfo = &authidentity;
    
    // Kerberos Settings
    authninfo[1].dwAuthnSvc = RPC_C_AUTHN_GSS_KERBEROS ;
    authninfo[1].dwAuthzSvc = RPC_C_AUTHZ_NONE;
    authninfo[1].pAuthInfo = &authidentity;
    
    SOLE_AUTHENTICATION_LIST    authentlist;
    
    authentlist.cAuthInfo = 2;
    authentlist.aAuthInfo = authninfo;
    
    CoInitializeSecurity( 
      NULL, 
      -1, 
      NULL, 
      NULL, 
      RPC_C_AUTHN_LEVEL_CALL, 
      RPC_C_IMP_LEVEL_IMPERSONATE,
      &authentlist, 
      EOAC_NONE,
      NULL);

    MSDN文档有详细解释文档。

    Setting the Default Process Security Level Using C++

    Best Regards,

    Hart


    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    2017年3月13日 3:20
    版主