public void ModifyStartup(ref STARTUPINFOEX startupInfoEx, ref CREATE_PROCESS_FLAGS createProcessFlags) { using (var windowStation = WindowStation.GetCurrent()) { startupInfoEx.StartupInfo.lpDesktop = windowStation.Name + "\\" + this.Desktop.Name; } }
public static extern bool CreateProcessAsUser( SafeTokenHandle hToken, string applicationName, string commandLine, SECURITY_ATTRIBUTES pProcessAttributes, SECURITY_ATTRIBUTES pThreadAttributes, bool bInheritHandles, CREATE_PROCESS_FLAGS dwCreationFlags, IntPtr pEnvironment, string currentDirectory, ref STARTUPINFOEX startupInfo, out PROCESS_INFORMATION processInformation);
public static extern bool CreateProcessAsUser ( IntPtr hToken, string lpApplicationName, string lpCommandLine, SECURITY_ATTRIBUTES lpProcessAttributes, SECURITY_ATTRIBUTES lpThreadAttributes, bool bInheritHandles, CREATE_PROCESS_FLAGS dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, ref STARTUPINFO lpStartupInfo, out PROCESS_INFORMATION lpProcessInformation );
/// <summary> /// Starts the sandboxed process. /// </summary> public void Start(ProcessStartInfo processStartInfo) { if (processStartInfo == null) { throw new ArgumentNullException(nameof(processStartInfo)); } this.tracer.Trace( nameof(SandboxedProcess), "Starting process '{0}' (arguments '{1}') with protections {2}", processStartInfo.FileName, processStartInfo.Arguments, string.Join(" ", this.protections.Select(x => x.GetType().Name))); using (WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent()) using (SafeTokenHandle currentToken = new SafeTokenHandle(currentIdentity.Token, ownsHandle: false)) { // Start with the current process' token, and then allow the protections to mutate it as required. this.tracer.Trace(nameof(SandboxedProcess), "Modifying current process token"); SafeTokenHandle processToken = currentToken; foreach (IProtection protection in this.protections) { protection.ModifyToken(ref processToken); } STARTUPINFOEX startupInfo = new STARTUPINFOEX(); startupInfo.Init(); CREATE_PROCESS_FLAGS createProcessFlags = CREATE_PROCESS_FLAGS.NONE; // Now allow the protections to change the startup information as required. this.tracer.Trace( nameof(SandboxedProcess), "Modifying startup info"); foreach (IProtection protection in this.protections) { protection.ModifyStartup(ref startupInfo, ref createProcessFlags); } // Make sure extended startupinfo flag is set. createProcessFlags |= CREATE_PROCESS_FLAGS.EXTENDED_STARTUPINFO_PRESENT; string quotedFileName = processStartInfo.FileName; if (quotedFileName[0] != '"') { quotedFileName = "\"" + quotedFileName + "\""; } // Start the process. PROCESS_INFORMATION processInfo = default; try { this.tracer.Trace(nameof(SandboxedProcess), "Creating sandboxed process"); if (!Methods.CreateProcessAsUser( processToken, applicationName: null, commandLine: quotedFileName + " " + processStartInfo.Arguments, pProcessAttributes: null, pThreadAttributes: null, bInheritHandles: false, dwCreationFlags: createProcessFlags, pEnvironment: IntPtr.Zero, currentDirectory: null, ref startupInfo, out processInfo)) { throw new SandboxException( "Unable to create process", new Win32Exception()); } // Get a managed Process instance so we can avoid reimplementing all its goodness. this.process = Process.GetProcessById(processInfo.dwProcessId); this.tracer.Trace(nameof(SandboxedProcess), "Created process {0}", this.process.Id); // Let the protections modify the process now that it has been created. this.tracer.Trace(nameof(SandboxedProcess), "Modifying sandboxed process"); foreach (IProtection protection in this.protections) { protection.ModifyProcess(this.process); } // Resume the process. this.tracer.Trace(nameof(SandboxedProcess), "Resuming sandboxed process"); Methods.ResumeThread(processInfo.hThread); } finally { if (processInfo.hProcess != IntPtr.Zero) { Methods.CloseHandle(processInfo.hProcess); } if (processInfo.hThread != IntPtr.Zero) { Methods.CloseHandle(processInfo.hThread); } } } }
public void ModifyStartup(ref STARTUPINFOEX startupInfoEx, ref CREATE_PROCESS_FLAGS createProcessFlags) { }
public static extern bool CreateProcessWithTokenW(IntPtr hToken, uint dwLogonFlags, string lpApplicationName, StringBuilder lpCommandLine, CREATE_PROCESS_FLAGS dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, STARTUPINFO lpStartupInfo, PROCESS_INFORMATION lpProcessInformation);
public void ModifyStartup(ref STARTUPINFOEX startupInfoEx, ref CREATE_PROCESS_FLAGS createProcessFlags) { this.AppContainer.SetAttributeList(ref startupInfoEx); }