Microsoft MVP성태의 닷넷 이야기
VS.NET IDE: 20. Win32 특권 정리 [링크 복사], [링크+제목 복사],
조회: 32115
글쓴 사람
정성태 (techsharer at outlook.com)
홈페이지
첨부 파일
 
(연관된 글이 2개 있습니다.)
MSDN 도움말에서 2개의 토픽을 발췌했습니다. 찾아보기 귀찮아서. ^^;


User Rights

User rights are rules that determine the actions a user can perform. Unless the computer is a domain controller, they are computer-specific policies. If it is a domain controller, the computer policy extends to all domain controllers in the domain.

Note

In the current release of Windows NT, the set of user rights is defined by the system and cannot be changed. Future versions of Windows NT may allow software developers to define new user rights appropriate to their application.

User rights can be assigned to individual user accounts, but are usually (and more efficiently) assigned to groups. Predefined (built-in) groups have sets of user rights already assigned. Administrators usually assign user rights by adding a user account to one of the predefined groups or by creating a new group and assigning specific user rights to that group. Users who are subsequently added to a group automatically gain all user rights assigned to the group account.

There are several user rights that administrators of high-security installations should be aware of and possibly audit. Of these, you might want to change the default permissions for two rights: Log on locally and Shut down the system.

Table 2.1 Default user rights that may require changing


User Right

Groups assigned this right by default

Recommended change

Log on locally
Allows a user to log on at the computer, from the computer's keyboard.

Administrators, Backup Operators, Everyone, Guests, Power Users, and Users

Deny Everyone and Guests this right.

Shut down the system (SeShutdownPrivilege)
Allows a user to shut down Windows NT.

Administrators, Backup Operators, Everyone, Power Users, and Users

Deny Everyone and Users this right.


The rights in the following table generally require no changes to the default settings, even in the most highly secure installations.

Table 2.2 Default user rights

Right

Allows

Initially assigned to

Access this computer from the network

A user to connect to the computer over the network.

Administrators, Everyone, Power Users

Act as part of the operating system
(SeTcbPrivilege)

A process to perform as a secure, trusted part of the operating system. Some subsystems are granted this right.

(None)

Add workstations to the domain (SeMachineAccountPrivilege)

Nothing. This right has no effect on computers running Windows NT.

(None)

Back up files and directories
(SeBackupPrivilege)

A user to back up files and directories. This right supersedes file and directory permissions.

Administrators, Backup Operators

Bypass traverse checking (SeChangeNotifyPrivilege)

A user to change directories and to access files and subdirectories, even if the user has no permission to access parent directories.

Everyone

Change the system time
(SeSystemTimePrivilege)

A user to set the time for the internal clock of the computer.

Administrators, Power Users

Create a pagefile
(SeCreatePagefilePrivilege)

Nothing. This right has no effect in current versions of Windows NT.

Administrators

Create a token object
(SeCreateTokenPrivilege)

A process to create access tokens. Only the Local Security Authority can do this.

(None)

Create permanent shared objects
(SeCreatePermanentPrivilege)

A user to create special permanent objects, such as \\Device, that are used within Windows NT.

(None)

Debug programs
(SeDebugPrivilege)

A user to debug various low-level objects, such as threads.

Administrators

Force shutdown from a remote system
(SeRemoteShutdownName)

A user to shut down a remote computer.

Administrators

Generate security audits
(SeAuditPrivilege)

A process to generate security-audit log entries.

(None)

Increase quotas
(SeIncreaseQuotaPrivilege)

Nothing. This right has no effect in current versions of Windows NT.

(None)

Increase scheduling priority
(SeIncreaseBasePriorityPrivilege)

A user to boost the execution priority of a process.

Administrators, Power Users

Load and unload device drivers
(SeLoadDriverPrivilege)

A user to install and remove device drivers.

Administrators

Lock pages in memory
(SeLockMemoryPrivilege)

A user to lock pages in memory so they cannot be paged out to a backing store, such as Pagefile.sys.

(None)

Log on as a batch job

Nothing. This right has no effect in current versions of Windows NT.

(None)

Log on as a service

A process to register with the system as a service.

(None)

Log on locally

A user to log on at the computer from the computer keyboard.

Administrators, Backup Operators, Guests, Power Users, Users

Manage auditing and security log
(SeSecurityPrivilege)

A user to specify what types of resource access (such as file access) are to be audited, and to view and clear the security log. This right does not allow a user to set system auditing policy using Audit on the User Manager Policy menu. Members of the Administrators group can always view and clear the security log.

Administrators

Modify firmware environment variables
(SeSystemEnvironmentPrivilege)

A user to modify system- environment variables stored in nonvolatile RAM on systems that support this type of configuration.

Administrators

Profile single process
(SeProfSingleProcess)

A user to perform profiling (performance sampling) on a process.

Administrators, Power Users

Profile system performance
(SeSystemProfilePrivilege)

A user to perform profiling (performance sampling) on the system.

Administrators

Replace a process-level token
(SeAssignPrimaryTokenPrivilege)

A user to modify a process's security-access token. This is a powerful right, used only by the system.

(None)

Restore files and directories
(SeRestorePrivilege)

A user to restore backed-up files and directories. This right supersedes file and directory permissions.

Administrators, Backup Operators

Shut down the system
(SeShutdownPrivilege)

A user to shut down Windows NT.

Administrators, Backup Operators, Power Users, Users

Take ownership of files or other objects
(SeTakeOwnershipPrivilege)

A user to take ownership of files, directories, printers, and other objects on the computer. This right supersedes permissions protecting objects.

Administrators


 

HOWTO: How to Obtain a Handle to Any Process with SeDebugPrivilege

SUMMARY

In Windows NT, you can retrieve a handle to any process in the system by enabling the SeDebugPrivilege in the calling process. The calling process can then call the OpenProcess() Win32 API to obtain a handle with PROCESS_ALL_ACCESS.

MORE INFORMATION

This functionality is provided for system-level debugging purposes. For debugging non-system processes, it is not necessary to grant or enable this privilege.

This privilege allows the caller all access to the process, including the ability to call TerminateProcess(), CreateRemoteThread(), and other potentially dangerous Win32 APIs on the target process.

Take great care when granting SeDebugPrivilege to users or groups.

Sample Code

The following source code illustrates how to obtain SeDebugPrivilege in order to get a handle to a process with PROCESS_ALL_ACCESS. The sample code then calls TerminateProcess on the resultant process handle.

#define RTN_OK 0
#define RTN_USAGE 1
#define RTN_ERROR 13

#include <windows.h>
#include <stdio.h>

BOOL SetPrivilege(
    HANDLE hToken,          // token handle
    LPCTSTR Privilege,      // Privilege to enable/disable
    BOOL bEnablePrivilege   // TRUE to enable.  FALSE to disable
    );

void DisplayError(LPTSTR szAPI);

int main(int argc, char *argv[])
{
    HANDLE hProcess;
    HANDLE hToken;
    int dwRetVal=RTN_OK; // assume success from main()

    // show correct usage for kill
    if (argc != 2)
    {
        fprintf(stderr,"Usage: %s [ProcessId]\n", argv[0]);
        return RTN_USAGE;
    }

    if(!OpenProcessToken(
            GetCurrentProcess(),
            TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
            &hToken
            )) return RTN_ERROR;

    // enable SeDebugPrivilege
    if(!SetPrivilege(hToken, SE_DEBUG_NAME, TRUE))
    {
        DisplayError("SetPrivilege");

        // close token handle
        CloseHandle(hToken);

        // indicate failure
        return RTN_ERROR;
    }

   // open the process
    if((hProcess = OpenProcess(
            PROCESS_ALL_ACCESS,
            FALSE,
            atoi(argv[1]) // PID from commandline
            )) == NULL)
    {
        DisplayError("OpenProcess");
        return RTN_ERROR;
    }

    // disable SeDebugPrivilege
    SetPrivilege(hToken, SE_DEBUG_NAME, FALSE);

    if(!TerminateProcess(hProcess, 0xffffffff))
    {
        DisplayError("TerminateProcess");
        dwRetVal=RTN_ERROR;
    }

    // close handles
    CloseHandle(hToken);
    CloseHandle(hProcess);

    return dwRetVal;
}

BOOL SetPrivilege(
    HANDLE hToken,          // token handle
    LPCTSTR Privilege,      // Privilege to enable/disable
    BOOL bEnablePrivilege   // TRUE to enable.  FALSE to disable
    )
{
    TOKEN_PRIVILEGES tp;
    LUID luid;
    TOKEN_PRIVILEGES tpPrevious;
    DWORD cbPrevious=sizeof(TOKEN_PRIVILEGES);

    if(!LookupPrivilegeValue( NULL, Privilege, &luid )) return FALSE;

    //
    // first pass.  get current privilege setting
    //
    tp.PrivilegeCount           = 1;
    tp.Privileges[0].Luid       = luid;
    tp.Privileges[0].Attributes = 0;

    AdjustTokenPrivileges(
            hToken,
            FALSE,
            &tp,
            sizeof(TOKEN_PRIVILEGES),
            &tpPrevious,
            &cbPrevious
            );

    if (GetLastError() != ERROR_SUCCESS) return FALSE;

    //
    // second pass.  set privilege based on previous setting
    //
    tpPrevious.PrivilegeCount       = 1;
    tpPrevious.Privileges[0].Luid   = luid;

    if(bEnablePrivilege) {
        tpPrevious.Privileges[0].Attributes |= (SE_PRIVILEGE_ENABLED);
    }
    else {
        tpPrevious.Privileges[0].Attributes ^= (SE_PRIVILEGE_ENABLED &
            tpPrevious.Privileges[0].Attributes);
    }

    AdjustTokenPrivileges(
            hToken,
            FALSE,
            &tpPrevious,
            cbPrevious,
            NULL,
            NULL
            );

    if (GetLastError() != ERROR_SUCCESS) return FALSE;

    return TRUE;
}

void DisplayError(
    LPTSTR szAPI    // pointer to failed API name
    )
{
    LPTSTR MessageBuffer;
    DWORD dwBufferLength;

    fprintf(stderr,"%s() error!\n", szAPI);

    if(dwBufferLength=FormatMessage(
                FORMAT_MESSAGE_ALLOCATE_BUFFER |
                FORMAT_MESSAGE_FROM_SYSTEM,
                NULL,
                GetLastError(),
                GetSystemDefaultLangID(),
                (LPTSTR) &MessageBuffer,
                0,
                NULL
                ))
    {
        DWORD dwBytesWritten;

        //
        // Output message string on stderr
        //
        WriteFile(
                GetStdHandle(STD_ERROR_HANDLE),
                MessageBuffer,
                dwBufferLength,
                &dwBytesWritten,
                NULL
                );

        //
        // free the buffer allocated by the system
        //
        LocalFree(MessageBuffer);
    }
}
   

 


[연관 글]






[최초 등록일: ]
[최종 수정일: 2/15/2005]

Creative Commons License
이 저작물은 크리에이티브 커먼즈 코리아 저작자표시-비영리-변경금지 2.0 대한민국 라이센스에 따라 이용하실 수 있습니다.
by SeongTae Jeong, mailto:techsharer at outlook.com

비밀번호

댓글 작성자
 



2015-06-15 04시36분
정성태

... 121  122  123  124  125  126  [127]  128  129  130  131  132  133  134  135  ...
NoWriterDateCnt.TitleFile(s)
2879정성태3/3/201526565개발 환경 구성: 259. Visual Studio 없이 Visual C++ 컴파일하는 방법
2878정성태2/28/201527405.NET Framework: 503. == 연산자보다는 Equals 메서드의 호출이 더 권장됩니다. [3]파일 다운로드1
2877정성태2/28/201521639.NET Framework: 502. 연산자 재정의(operator overloading)와 메서드 재정의(method overriding)의 다른 점 - 가상 함수 호출 여부 [3]파일 다운로드1
2876정성태2/27/201524135VS.NET IDE: 98. IntegraStudio - Visual Studio에서 Java 프로그램 개발
2875정성태2/26/201522722디버깅 기술: 72. Visual Studio 2013에서의 sos.dll 사용 제한
2874정성태2/26/201519466디버깅 기술: 71. windbg + 닷넷 디버깅 (2) - null 체크 패턴
2873정성태2/25/201536990.NET Framework: 501. FtpWebRequest 타입을 이용해 FTP 파일 업로드 [4]파일 다운로드1
2872정성태2/25/201521091디버깅 기술: 70. windbg + 닷넷 디버깅 (1) - 배열 인덱스 사용 패턴
2871정성태2/24/201525097개발 환경 구성: 258. 윈도우 8.1에서 방화벽과 함께 FTP 서버 여는 (하지만, 권장하지 않는) 방법 [1]
2870정성태2/24/201526197개발 환경 구성: 257. 윈도우 8.1에서 방화벽과 함께 FTP 서버 여는 방법
2869정성태2/23/201520173.NET Framework: 500. struct로 정의한 값 형식(Value Type)의 경우 Equals 재정의를 권장합니다.파일 다운로드1
2868정성태2/23/201524708VS.NET IDE: 97. Visual C++ 프로젝트 디버깅 시에 Step-Into(F11) 동작이 원치 않는 함수로 진입하는 것을 막는 방법 [2]
2867정성태2/23/201518370오류 유형: 273. File History - Failed to initiate user data backup (error 80070005)
2866정성태2/23/201520198오류 유형: 272. WAT080 : Failed to locate the Windows Azure SDK. Please make sure the Windows Azure SDK v2.1 is installed.
1868정성태2/20/201517524오류 유형: 271. The type '...' cannot be used as type parameter 'TContext' in the generic type or method 'System.ServiceModel.DomainServices.EntityFramework.LinqToEntitiesDomainService&lt;T&gt;
1866정성태2/20/201518418오류 유형: 270. "aspnet_regiis -i" 실행 시 0x00000006 오류 해결 방법
1865정성태2/20/201519787.NET Framework: 499. 특정 닷넷 프레임워크 버전 이후부터 제공되는 타입을 사용해야 한다면?
1864정성태2/18/201524731.NET Framework: 498. C#으로 간단하게 만들어 본 ASCII Art 프로그램 [2]파일 다운로드1
1862정성태2/18/201528578.NET Framework: 497. .NET Garbage Collection에 대한 정리 [6]
1861정성태2/18/201523940.NET Framework: 496. 마우스 커서가 놓인 지점의 문자열 얻는 방법 [1]파일 다운로드1
1860정성태2/18/201523750.NET Framework: 495. CorElementType의 요소 값 설명파일 다운로드1
1859정성태2/17/201524168Windows: 106. 컴퓨터를 재부팅하면 절전(Power Saver) 전원 모드로 돌아가는 경우
1858정성태2/16/201534174Windows: 105. 자동으로 로그아웃/잠김 화면 상태로 전환된다면? [2]
1857정성태2/16/201522146.NET Framework: 494. 값(struct) 형식의 제네릭(Generic) 타입이 박싱되는 경우의 메타데이터 토큰 값파일 다운로드1
1856정성태2/15/201521168.NET Framework: 493. TypeRef 메타테이블에 등록되는 타입의 조건파일 다운로드1
1855정성태2/10/201520710개발 환경 구성: 256. WebDAV Redirector - Sysinternals 폴더 연결 시 "The network path was not found" 오류 해결 방법
... 121  122  123  124  125  126  [127]  128  129  130  131  132  133  134  135  ...