Newsgroups : Borland : borland.public.delphi.nativeapi.win32 : 2006 Nov : ProcessID to Filename

www.cryer.info
Managed Newsgroup Archive

ProcessID to Filename

Subject: ProcessID to Filename
Posted by: "Andrew Jameson" (softspotsoftwareno@spamgmail.com)
Date: Sat, 11 Nov 2006 16:28:55

Yes, this old chestnut ...

I'm doing the usual stuff ... enumerate processes and then I want to try to
get a fully pathed name to the executable, so I use :

OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ, false,
ProcItem.th32ProcessID);

to get the Process handle which I then use with GetModuleFileNameEx to get
the actual filename.

Problem ... when run using a non-administrative account (on XP), OpenProcess
fails.  I've tried :

function EnableProcessPrivilege(Privilege : string; Enable : boolean) : boolean;
const
  PrivAttrs : array[boolean] of DWORD = (0, SE_PRIVILEGE_ENABLED);
var
  Token     : THandle;
  TokenPriv : TTokenPrivileges;
begin
  Result  := true; {nothing to adjust on non-NT platforms}
  if (Win32Platform = VER_PLATFORM_WIN32_NT) then begin
    Result  := false;
    if OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, Token) then begin
      if LookupPrivilegeValue(nil, PChar(Privilege), TokenPriv.Privileges[0].Luid) then begin
        TokenPriv.PrivilegeCount            := 1;
        TokenPriv.Privileges[0].Attributes  := PrivAttrs[Enable];
        {AdjustTokenPrivileges returns true even when the privilege is not in
         the token; GetLastError is then ERROR_NOT_ALL_ASSIGNED, so check it}
        Result  := AdjustTokenPrivileges(Token, false, TokenPriv, SizeOf(TokenPriv),
                     PTokenPrivileges(nil)^, cardinal(Pointer(nil)^))
                   and (GetLastError = ERROR_SUCCESS);
      end; {if}
      CloseHandle(Token); {close the token even when the lookup fails}
    end; {if}
  end; {if}
end; {EnableProcessPrivilege}

EnableProcessPrivilege('SeDebugPrivilege', true);

... to no avail ... any ideas ?

Thanks

Andrew
