public static bool ProtectProc() { int secSize = 0; const int PROCESS_ALL_ACCESS = 0x1F0FFF; const int SDDL_REVISION_1 = 0x00000001; const int DACL_SECURITY_INFORMATION = 0x00000004; Win32.SECURITY_ATTRIBUTES sa = new Win32.SECURITY_ATTRIBUTES(); sa.nLength = Marshal.SizeOf(sa); sa.bInheritHandle = 0; // Get a handle of our process with all access rights IntPtr hProc = Win32.OpenProcess(PROCESS_ALL_ACCESS, false, Process.GetCurrentProcess().Id); if (!Win32.ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, out sa.lpSecurityDescriptor, out secSize)) { return(false); } if (!Win32.SetKernelObjectSecurity(hProc, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor)) { return(false); } Win32.CloseHandle(hProc); return(true); }
public static bool ProtectProc(IntPtr hProcess) { const int DACL_SECURITY_INFORMATION = 0x00000004; const int SDDL_REVISION_1 = 0x00000001; Win32.SECURITY_ATTRIBUTES sa = new Win32.SECURITY_ATTRIBUTES(); sa.nLength = Marshal.SizeOf(sa); sa.bInheritHandle = 0; int secSize = 0; //TODO: Check size before calling SKOS? Win32.ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, out sa.lpSecurityDescriptor, out secSize); if (Win32.SetKernelObjectSecurity(hProcess, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor)) { return(true); } else { return(false); } }