So, I was approaching this incorrectly - fs virtualization is not what I want. To emulate UAC, as described above, it's necessary to create a restricted token with the administrators group disabled and use that token to create the process.
With UAC disabled, I need to create a process with the same characteristics as the process created with UAC enabled - basically I'm emulating process creation with UAC enabled. My only roadblock is virtualization. The sample code below should create an instance of notepad at medium IL with virtualization enabled.
In actuality, it creates an instance of notepad at medium IL with virtualization disabled. I'm not entirely sure why the virtualization token is being ignored. Any ideas?
    #include <windows.h>
    #include <sddl.h>   // ConvertStringSidToSid

    BOOL bRet;
    HANDLE hToken;
    HANDLE hNewToken;

    // Notepad is used as an example
    WCHAR wszProcessName[MAX_PATH] = L"C:\\Windows\\System32\\Notepad.exe";

    // Medium integrity SID
    WCHAR wszIntegritySid[20] = L"S-1-16-8192";
    PSID pIntegritySid = NULL;

    DWORD EnableVirtualization = 1;
    TOKEN_MANDATORY_LABEL TIL = {0};
    PROCESS_INFORMATION ProcInfo = {0};
    STARTUPINFO StartupInfo = {0};
    ULONG ExitCode = 0;

    // STARTUPINFO must carry its own size
    StartupInfo.cb = sizeof(StartupInfo);

    if (OpenProcessToken(GetCurrentProcess(), MAXIMUM_ALLOWED, &hToken))
    {
        if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL, SecurityImpersonation,
                             TokenPrimary, &hNewToken))
        {
            if (ConvertStringSidToSid(wszIntegritySid, &pIntegritySid))
            {
                TIL.Label.Attributes = SE_GROUP_INTEGRITY;
                TIL.Label.Sid = pIntegritySid;

                // Set the process integrity level
                if (SetTokenInformation(hNewToken, TokenIntegrityLevel, &TIL,
                        sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
                {
                    // Enable FS Virtualization
                    if (SetTokenInformation(hNewToken, TokenVirtualizationEnabled,
                            &EnableVirtualization, sizeof(EnableVirtualization)))
                    {
                        // Create the new process at medium integrity
                        bRet = CreateProcessAsUser(hNewToken, NULL, wszProcessName,
                                   NULL, NULL, FALSE, 0, NULL, NULL,
                                   &StartupInfo, &ProcInfo);
                    }
                }
                LocalFree(pIntegritySid);
            }
            CloseHandle(hNewToken);
        }
        CloseHandle(hToken);
    }

asked Aug 17 '10 at 17:43 amcorn331
I don't think you can have virtualization without UAC. – Luke Aug 17 '10 at 19:08.
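The approach from the self-answer (a restricted token with the administrators group disabled, then medium IL as in the question), written out as an added example that is not code from the original post. It assumes an elevated caller with UAC off, as in the question; `launch_filtered` and `ERR_NOT_WINDOWS` are hypothetical names, and the non-Windows stub exists only so the file compiles elsewhere.

```c
#include <stddef.h>               /* wchar_t */
#define ERR_NOT_WINDOWS (-1L)     /* constructed sentinel for non-Windows builds */
#ifdef _WIN32
#include <windows.h>
#include <sddl.h>                 /* ConvertStringSidToSidW; link with advapi32 */

/* Starts cmdline (must be a writable buffer) with BUILTIN\Administrators set
   to deny-only and a medium integrity label.
   Returns 0 on success, else the GetLastError() value of the failing call. */
long launch_filtered(wchar_t *cmdline)
{
    const DWORD access = TOKEN_DUPLICATE | TOKEN_QUERY |
                         TOKEN_ASSIGN_PRIMARY | TOKEN_ADJUST_DEFAULT;
    HANDLE hToken = NULL, hRestricted = NULL;
    PSID pAdmins = NULL, pMedium = NULL;
    SID_AND_ATTRIBUTES disable = {0};
    TOKEN_MANDATORY_LABEL til = {0};
    STARTUPINFOW si = { sizeof(si) };
    PROCESS_INFORMATION pi = {0};
    long err = 0;

    if (!OpenProcessToken(GetCurrentProcess(), access, &hToken) ||
        !ConvertStringSidToSidW(L"S-1-5-32-544", &pAdmins) ||  /* Administrators */
        !ConvertStringSidToSidW(L"S-1-16-8192", &pMedium))     /* medium IL */
        goto fail;
    /* SIDs passed as SidsToDisable become deny-only in the new token. */
    disable.Sid = pAdmins;
    if (!CreateRestrictedToken(hToken, 0, 1, &disable, 0, NULL, 0, NULL, &hRestricted))
        goto fail;
    /* The restricted token keeps the caller's IL, so lower it explicitly. */
    til.Label.Sid = pMedium;
    til.Label.Attributes = SE_GROUP_INTEGRITY;
    if (!SetTokenInformation(hRestricted, TokenIntegrityLevel, &til,
                             sizeof(til) + GetLengthSid(pMedium)))
        goto fail;
    if (!CreateProcessAsUserW(hRestricted, NULL, cmdline, NULL, NULL, FALSE,
                              0, NULL, NULL, &si, &pi))
        goto fail;
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);
    goto done;
fail:
    err = (long)GetLastError();
done:
    if (pMedium) LocalFree(pMedium);
    if (pAdmins) LocalFree(pAdmins);
    if (hRestricted) CloseHandle(hRestricted);
    if (hToken) CloseHandle(hToken);
    return err;
}
#else
long launch_filtered(wchar_t *cmdline) { (void)cmdline; return ERR_NOT_WINDOWS; }
#endif
```
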