On Linux, normally I use ptrace function to trace all syscall, and kill the process if the it tries to do anything harmful to my machine, such as system("shutdown -s -t 00") or so.
Is there a way for me to do this on Windows?
EDIT: I want to write Sandbox program to limit time and memory usage of its child that can work on both Win开发者_StackOverflow中文版dows and Linux, and now it can only run on Linux via ptrace
If you attach your process to a Job object, you can limit the CPU time and memory of the process. That won't allow you to prevent if from performing malicious actions but it will allow you to achieve what you asked.
To run an application in a sandbox you could create a new restricted access token with CreateRestrictedToken (here's some info about the privileges you can enable/disable), call ImpersonateLoggedOnUser with the new token, start the new process with CreateProcess and revert to your old token with RevertToSelf. I'm not sure if in all contexes you can instead directly use CreateProcessAsUser, give it a try.
May be too late, just came across your post looking for the same functionality myself.
I found CPU limit 1.1
You can download it here with source code http://www.killprog.com/etce.html
I'm using it very successfully, hope it helps you
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论