问题描述
出于安全原因,我正在寻找一种删除进程权限的方法.我想以具有特权的用户身份开始,以有限的用户身份结束.
I'm looking for a method to drop process rights for security reasons. I want to start as user with privileges and end as limited user.
例如,我希望我的Web服务器仍然可以在端口80上侦听受限用户.
For example I want my web server to run under restricted user by I still want to listen on port 80.
如何在Windows下执行此类操作.与Unix类似:
How can I do such things under Windows. Something similar to Unix's:
bind_to_80();
chroot("/some/limited/dir");
setuid(limited_user_id);
setgid(limited_group_id);
chroot("/some/limited/dir");
// drop some more rights
fork(); // now I can't come back
如何在Windows下执行类似的操作?
How can I do something similar under Windows?
当然,我知道Windows没有fork或chroot,但是我正在寻找删除各种权利的方法,尤其是用户最佳实践.
Of course I understand that Windows does not have fork or chroot, but I'm looking for dropping various rights, especially user - best practices.
推荐答案
看看 Mark Russinovich对Windows下使用 CreateRestrictedToken
和 CreateProcessAsUser
.正如他所解释的那样,这并不是防弹,因为运行该进程的帐户仍然保留其特权.
Take a look at Mark Russinovich's description of stripping privileges under Windows using CreateRestrictedToken
and CreateProcessAsUser
. As he explains, this isn't bulletproof since the account under which the process is running still retains its privileges.
当然,他的 PsExec sysinternals实用程序可以帮助您删除至少具有Administrator
特权,而无需编码.
And of course, his PsExec sysinternals utility helps you strip away at least Administrator
privileges, without requiring coding.
对于现有过程,似乎 AdjustToken
和 AdjustTokenGroup
允许操作(前者显然需要XPSP2或更高版本),但本身需要特权...可能可以这种方式提交特权seppuku,但我没有尝试过:它们可能 barf操纵当前进程的特权.
For an existing process, it seems AdjustToken
and AdjustTokenGroup
permit manipulation (the former apparently requires XPSP2 or higher), but require privileges themselves... it might be possible to commit privilege seppuku this way, but I haven't tried them: they might barf on manipulating privileges of the current process.
这篇关于在Windows下删除进程权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!