java 模拟
我们有一个在 Windows 上以本地系统用户身份运行的 java 进程,它需要访问系统上另一个用户拥有的文件。据我了解,本地系统用户应该有权模拟该用户。为此,我们传递正在访问该文件的程序的 tid 和 pid,并从中获取用户信息(令牌)。然后我们在当前线程上设置令牌。是这样的:
DuplicateTokenEx(hToken,MAXIMUM_ALLOWED,NULL,SecurityImpersonation,TokenImpersonation,&hTokenDup);
SetThreadToken(NULL, hTokenDup);
其中hToken是通过打开线程获得的,然后通过它们的id进行处理。 问题是当我尝试访问一个只能由用户访问而其他人无法读取的文件时。我收到访问被拒绝错误。所以问题是我是否应该能够通过模拟访问这个文件,如果是的话,在给定 threadid 和 pid 的情况下模拟另一个用户是否正确。我想我也会看到 Windows 7 和 Windows XP 之间的不同行为。
We have a java process running as the local system user on windows that needs to access a file that is owned by another user on the system. From what I understand the local system user should have permissions to impersonate that user. To do this we pass the tid and pid of a program that is accessing the file and get the user information (a token) from that. Then we set the token on the current thread. Something like this:
DuplicateTokenEx(hToken,MAXIMUM_ALLOWED,NULL,SecurityImpersonation,TokenImpersonation,&hTokenDup);
SetThreadToken(NULL, hTokenDup);
Where hToken is obtained by opening the thread and then process via their ids.
The problem is when I try to access a file that is only accesible by the user and no one else I am unable to read it. I get an access denied error. So the question is whether or not I should be able to access this file via impersonation and if so is this the correct to impersonate another user given a threadid and pid. I guess also would I see different behavior between windows 7 and windows xp.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
对于初学者,您应该始终测试 Windows API 调用的返回值。
只有这样,您才能确定令牌确实已被复制并分配给您的进程。
模拟需要一些权限,如果您是一个简单的用户,我不确定您是否拥有这些权限。我怀疑 DuplicateTokenEx 函数失败。
使用管理员权限重试(使用“运行方式...”工具),并让我们知道情况如何。
For starters, you should always test the return values of your Windows API calls.
Only then will you be sure that the token has indeed been copied and assigned to your process.
Impersonation requires some privileges, which I'm not really not sure you'd have if you're a simple user. I suspect the DuplicateTokenEx function fails.
Try again with administrator privileges (use the "Run as..." tool), and let us know how it goes.