gpt4 book ai didi

c# - 以管理员身份运行时,如何让 IEnumMoniker.Next 返回名字对象?

转载 作者:行者123 更新时间:2023-12-05 03:01:51 27 4
gpt4 key购买 nike

此代码在实用程序中已运行多年。我们最近更新了程序以强制执行 UAC,但我们发现此代码仅在未以管理员身份运行时才有效; while 循环内的代码在以管理员身份运行时永远不会执行,但相同的代码在未提升权限时返回名字列表。

using System;
using System.Runtime.InteropServices;
using System.Runtime.InteropServices.ComTypes;

namespace ROTExplorer
{
class Program
{
[DllImport("ole32.dll")]
static extern int GetRunningObjectTable(uint reserved, out IRunningObjectTable rot);

[DllImport("Ole32.Dll")]
static extern int CreateBindCtx(int reserved, out IBindCtx bindCtx);

static void Main(string[] args)
{
FindEntryInROT();
Console.WriteLine("Press any key to continue.");
Console.ReadKey();
}

private static string FindEntryInROT()
{
IRunningObjectTable rot = null;
IBindCtx bindCtx = null;
IEnumMoniker enumMoniker = null;
IMoniker[] monikers = new IMoniker[1];
string displayName = null;
try
{
GetRunningObjectTable(0, out rot);
CreateBindCtx(0, out bindCtx);
rot.EnumRunning(out enumMoniker);
IntPtr fetched = IntPtr.Zero;
while (enumMoniker.Next(1, monikers, fetched) == 0)
{
string tempName;
monikers[0].GetDisplayName(bindCtx, null, out tempName);
Marshal.ReleaseComObject(monikers[0]);
monikers[0] = null;
try
{
Console.WriteLine(tempName);
}
catch
{
Console.WriteLine("Bad string");
}
}
}
catch (Exception ex)
{
Console.WriteLine("Failure while examining ROT: " + ex.Message);
}
finally
{
ReleaseCOMObject(monikers[0]);
ReleaseCOMObject(enumMoniker);
ReleaseCOMObject(bindCtx);
ReleaseCOMObject(rot);
}
Console.WriteLine(displayName);
return displayName;
}

private static void ReleaseCOMObject(object comObject)
{
if (comObject != null)
{
Marshal.ReleaseComObject(comObject);
comObject = null;
}
}

}

我已经在 2 台机器上试过了。其他人可以试试这个并确认此代码仅在未以管理员身份运行时返回名字列表。

有没有人想过为什么 IEnumMoniker 在提升的进程中运行时不返回名字对象但在不以管理员身份运行时返回列表?

最佳答案

我向 Microsoft 开了一张工单。它被升级了,我终于得到了答案:它按设计工作。以下是相关对话:

微软支持:

The SCM/RPCSS service is where the Running Object Table lives. When the table is enumerated, the service does several checks. One of these checks is specifically to match the elevation level of the client token with the elevation level of the token's entry. If it doesn't match, then the entry will not be returned. The behavior you are seeing is by design.

我:

Can you send me a link to where this is documented? Having 'elevated' privileges should give the user access to more objects, not less. What you're describing seems to be akin to simply logging in as a different user.

微软支持:

It’s not documented directly.
In some ways, your last statement is correct. An admin user has two security tokens, one for normal operation, and one for elevated. They are never used at the same time. https://learn.microsoft.com/en-us/windows/security/identity-protection/user-account-control/how-user-account-control-works When an administrator logs on, two separate access tokens are created for the user: a standard user access token and an administrator access token. The standard user access token contains the same user-specific information as the administrator access token, but the administrative Windows privileges and SIDs are removed. I believe the reasoning behind all of this is security related, but I can’t explain that very well.

我:

The administrator token has access to the standard user's files; why are the user's COM objects treated differently from the user's file objects?

微软支持:

Because that’s the design decision the product group made. I don’t have further information on exactly why they made it like this.

我:

It really sounds like a bug to me, or a faulty design. Is there a way to put this on the product group's radar?

微软支持:

Unfortunately, there’s no leverage for getting any change in this area.

关于c# - 以管理员身份运行时,如何让 IEnumMoniker.Next 返回名字对象?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55466499/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com