
delphi – SetWindowsHookEx for WH_JOURNALRECORD on Vista / Wi

Published: 2020-12-15 04:09:13 | Category: Big Data | Source: compiled from the web
I am preparing a Delphi module that sets a hook in a thread to record a macro:
FHandleRec  := SetWindowsHookEx(WH_JOURNALRECORD, FRecordProc, HInstance, 0);
FHandlePlay := SetWindowsHookEx(WH_JOURNALPLAYBACK, FPlayProc, HInstance, 0);

This works fine on WinXP, but on Vista / Windows 7 it fails with ERROR_ACCESS_DENIED.
Searching Google, I found this and that. The quote:

A lower privilege process cannot: … Use Journal hooks to monitor a
higher privilege process.

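Tried without success:

  • Running the application as administrator. Probably the thread is started with lower privileges than the main thread (though I'm not 100% sure).
  • Impersonating the thread with an administrator security context doesn't help either.

Code sample: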

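if LogonUser(PWideChar(sAdminUser), PWideChar(sDomain), PWideChar(sPwd), LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, hToken) then
begin
  // Switch this thread to the administrator's security context
  if not ImpersonateLoggedOnUser(hToken) then
    raise Exception.Create('Error impersonating the user');
end;
// Set the journal record hook, using the same arguments as in the first snippet
FHandleRec := SetWindowsHookEx(WH_JOURNALRECORD, FRecordProc, HInstance, 0);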

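LogonUser and ImpersonateLoggedOnUser execute without errors.

Other possibilities to try:

  • Turn UAC off permanently. This helps, but I can't force the module's users to do that.
  • The module's customer signs the application and puts it in a trusted location. Not tried, but this radically complicates the module's usage for users.
  • Put the module into some signed application and distribute the EXE. That would break some core functionality.

Could you please show code that sets the hook under Vista / Windows 7, or suggest a working solution?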

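Solution

Read the "User Interface Privilege Isolation" section of that article again, carefully. It refers to integrity levels, not user permissions. That is why impersonating another user does not solve the problem. The integrity level is established when the process first starts and cannot be changed dynamically in code.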

User Interface Privilege Isolation (UIPI) is one of the mechanisms
that helps isolate processes running as a full administrator from
processes running as an account lower than an administrator on the
same interactive desktop. UIPI is specific to the windowing and
graphics subsystem, known as USER, that supports windows and user
interface controls. UIPI prevents a lower privilege application from
using Windows messages to send input from one process to a higher
privilege process. Sending input from one process to another allows a
process to inject input into another process without the user
providing keyboard or mouse actions.

Windows Vista implements UIPI by defining a set of user interface
privilege levels in a hierarchical fashion. The nature of the levels
is such that higher privilege levels can send window messages to
applications running at lower levels. However, lower levels cannot
send window messages to application windows running at higher levels.

The user interface privilege level is at the process level. When a
process is initialized, the User subsystem calls into the security
subsystem to determine the desktop integrity level assigned in the
process’s security access token. The desktop integrity level is set by
the security subsystem when the process is created and does not
change. Therefore, the user interface privilege level is also set by
the User subsystem when the process is created and does not change.

All applications run by a standard user have the same user interface
privilege level. UIPI does not interfere or change the behavior of
window messaging between applications at the same privilege level.
UIPI comes into effect for a user who is a member of the
administrators group and may be running applications as a standard
user (sometimes referred to as a process with a filtered access token)
and also processes running with a full administrator access token on
the same desktop.
UIPI prevents lower privilege processes from
accessing higher privilege processes by blocking the behavior listed
below.

  • Use Journal hooks to monitor a higher privilege process.

According to this article, your application needs a UAC manifest that specifies requestedExecutionLevel = requireAdministrator and uiAccess = True. The UIAccess right is important:

By specifying UIAccess="true" in the requestedPrivileges attribute,
the application is stating a requirement to bypass UIPI restrictions

A process that is launched with UIAccess rights:

  • Can set journal hooks.
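
An added diagnostic, not part of the original answer or of the asker's module, that reads the two properties the answer says matter: the process token's integrity level and its UIAccess flag. It assumes a console program built with Delphi 2009 or later; the name QueryProcessToken and the two constants are chosen here, and 25 and 26 are the winnt.h ordinals of TokenIntegrityLevel and TokenUIAccess.

```delphi
program UipiTokenCheck;
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils;

const
  // TOKEN_INFORMATION_CLASS ordinals from winnt.h (names below are chosen for this example)
  TOKEN_CLASS_INTEGRITY_LEVEL = 25; // TokenIntegrityLevel
  TOKEN_CLASS_UI_ACCESS       = 26; // TokenUIAccess

// Reads the PROCESS token. Impersonation only swaps the thread token, so the
// values reported here are the same before and after ImpersonateLoggedOnUser.
procedure QueryProcessToken(out IntegrityRid: DWORD; out HasUIAccess: Boolean);
var
  hTok: THandle;
  Len, UiFlag: DWORD;
  Buf: record                      // TOKEN_MANDATORY_LABEL plus room for the SID
    Lbl: TSIDAndAttributes;
    SidData: array[0..67] of Byte;
  end;
begin
  if not OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, hTok) then
    RaiseLastOSError;
  try
    if not GetTokenInformation(hTok, TTokenInformationClass(TOKEN_CLASS_INTEGRITY_LEVEL),
                               @Buf, SizeOf(Buf), Len) then
      RaiseLastOSError;
    // The last sub-authority of the label SID is the integrity RID.
    IntegrityRid := GetSidSubAuthority(Buf.Lbl.Sid,
                      GetSidSubAuthorityCount(Buf.Lbl.Sid)^ - 1)^;
    if not GetTokenInformation(hTok, TTokenInformationClass(TOKEN_CLASS_UI_ACCESS),
                               @UiFlag, SizeOf(UiFlag), Len) then
      RaiseLastOSError;
    HasUIAccess := UiFlag <> 0;
  finally
    CloseHandle(hTok);
  end;
end;

var
  Rid: DWORD;
  UiAccess: Boolean;
begin
  QueryProcessToken(Rid, UiAccess);
  // $1000 = low, $2000 = medium, $3000 = high, $4000 = system
  Writeln(Format('Process integrity RID: $%x', [Rid]));
  Writeln('UIAccess flag in process token: ', UiAccess);
  if not UiAccess then
    Writeln('UIAccess not set: journal hooks remain subject to UIPI.');
end.
```

Running it before and after the LogonUser / ImpersonateLoggedOnUser sequence from the question shows the same integrity RID and UIAccess value, which is why impersonation does not change the hook result.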

(Editor: 李大同)
