CreateProcess with as a "Limited User"

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "climberjack@xxxxxxxxx" <climberjack@xxxxxxxxx>
Date: 19 Jan 2006 03:41:44 -0800

This is a strange one...
I have a service application that runs an Agent application (i.e.
watchdog). The Agent app will run a client application if it notices
that the client application is not running....

Here's where it gets more confusing....

All of this is going on while the user is a limited account (i.e. not
administrator). When my Agent application calls CreateProcess(...) the
client application inherits the elevated administrators security.

I don't understand from reading about SECURITY_ATTRIBUTES what the
value of lpSecurityDescriptor should be set to.

How can an application that's ran with administrator rights spawn
another application that has lower/limited rights?

It's 3am, sorry if this is all a bit strange.

Jack

.

Follow-Ups:
- Re: CreateProcess with as a "Limited User"
  - From: Vipin

Prev by Date: Limits to memory allocated in DLL
Next by Date: Re: Limits to memory allocated in DLL
Previous by thread: Limits to memory allocated in DLL
Next by thread: Re: CreateProcess with as a "Limited User"
Index(es):
- Date
- Thread

Relevant Pages

EFS Probleme
... dass der Data Recovery Agent ... "Administrator" einen "Certificate Tumbprint" hat welcher ... >Der Client müsste aus meiner sicht richtig in der Domäne ...
(microsoft.public.de.german.windows.server.general)
Re: CreateProcess with as a "Limited User"
... > I have a service application that runs an Agent application (i.e. ... The Agent app will run a client application if it notices ... > How can an application that's ran with administrator rights spawn ... sorry if this is all a bit strange. ...
(microsoft.public.vc.mfc)
RE: Patch Mgmt. - MS SMS Installer - Embedding Logon Credentials
... The MS SMS 2003 manual states that in order to roll out the SMS client ... agent to Windows 2000 clients via login script the user must ... Installer to create a client agent installer .msi file with local ...
(Security-Basics)
Re: 2006 SFP forms (england).
... with the RPA but with the agent acting on behalf of someone we rent ... entitlements at all for his poor confused client. ... too difficult for agents to do their job for people because the RPA set far ... He said farmers who had insufficient Field Data Sheets should contact ...
(uk.business.agriculture)
Client push installing, but not reflecting in SMS Admin Console?
... the 2.0 client clean utility). ... client components appear to install (the various icons show up in the ... CCM Status and Eventing Agent - Installed ... SMS Client Shared Components - Installed ...
(microsoft.public.sms.setup)