Example #1
0
        public static bool ProtectProc()
        {
            int       secSize                   = 0;
            const int PROCESS_ALL_ACCESS        = 0x1F0FFF;
            const int SDDL_REVISION_1           = 0x00000001;
            const int DACL_SECURITY_INFORMATION = 0x00000004;

            Win32.SECURITY_ATTRIBUTES sa = new Win32.SECURITY_ATTRIBUTES();
            sa.nLength        = Marshal.SizeOf(sa);
            sa.bInheritHandle = 0;

            // Get a handle of our process with all access rights
            IntPtr hProc = Win32.OpenProcess(PROCESS_ALL_ACCESS, false, Process.GetCurrentProcess().Id);

            if (!Win32.ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, out sa.lpSecurityDescriptor, out secSize))
            {
                return(false);
            }

            if (!Win32.SetKernelObjectSecurity(hProc, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor))
            {
                return(false);
            }

            Win32.CloseHandle(hProc);

            return(true);
        }
Example #2
0
        public static bool ProtectProc(IntPtr hProcess)
        {
            const int DACL_SECURITY_INFORMATION = 0x00000004;
            const int SDDL_REVISION_1           = 0x00000001;

            Win32.SECURITY_ATTRIBUTES sa = new Win32.SECURITY_ATTRIBUTES();
            sa.nLength        = Marshal.SizeOf(sa);
            sa.bInheritHandle = 0;
            int secSize = 0; //TODO: Check size before calling SKOS?

            Win32.ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, out sa.lpSecurityDescriptor, out secSize);

            if (Win32.SetKernelObjectSecurity(hProcess, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor))
            {
                return(true);
            }
            else
            {
                return(false);
            }
        }