Suppose a program is running with elevated privileges already, and it needs to see the contents of the System Volume Information folder, and by default, only NT Authority\System can do that. A workaround would be to change ACL's on the folder, but I don't want to mess with that. I already found two ways to do it: the task scheduler and psexec. They are too indirect, I don't even need to describe the first one, and the second one works by installing a windows service, running it, telling it to run whatever I wanted to run, then uninstalling the service. Now the question is: is there a direct, simple WinAPI function to run something as system? I don't think that such an API would circumvent the security restrictions, as an administrator I have the right to schedule a task or install a service, so there must be a shortcut.
UPDATE: if there's开发者_运维技巧 an actual API to specifically tell me the contents of System Volume Information, then it would be perfect, no need to run as system.
You don't need to change folder's ACL. Instead you can change ACL of your process. It is done by set of Impersonate functions (ImpersonateLoggedOnUser for example)
精彩评论