public static bool ProtectProc()
{
int secSize = 0;
const int PROCESS_ALL_ACCESS = 0x1F0FFF;
const int SDDL_REVISION_1 = 0x00000001;
const int DACL_SECURITY_INFORMATION = 0x00000004;
Win32.SECURITY_ATTRIBUTES sa = new Win32.SECURITY_ATTRIBUTES();
sa.nLength = Marshal.SizeOf(sa);
sa.bInheritHandle = 0;
// Get a handle of our process with all access rights
IntPtr hProc = Win32.OpenProcess(PROCESS_ALL_ACCESS, false, Process.GetCurrentProcess().Id);
if (!Win32.ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, out sa.lpSecurityDescriptor, out secSize))
{
return(false);
}
if (!Win32.SetKernelObjectSecurity(hProc, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor))
{
return(false);
}
Win32.CloseHandle(hProc);
return(true);
}
public static bool ProtectProc(IntPtr hProcess)
{
const int DACL_SECURITY_INFORMATION = 0x00000004;
const int SDDL_REVISION_1 = 0x00000001;
Win32.SECURITY_ATTRIBUTES sa = new Win32.SECURITY_ATTRIBUTES();
sa.nLength = Marshal.SizeOf(sa);
sa.bInheritHandle = 0;
int secSize = 0; //TODO: Check size before calling SKOS?
Win32.ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, out sa.lpSecurityDescriptor, out secSize);
if (Win32.SetKernelObjectSecurity(hProcess, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor))
{
return(true);
}
else
{
return(false);
}
}
