views: 225

answers: 1

I'm creating a task-manager type application in C++, and I'm currently using:

```cpp
#include <windows.h>
#include <tlhelp32.h>
#include <string>
#include <sstream>
using namespace std;

// Assumes an ANSI (non-UNICODE) build, so szExeFile/szExePath are char arrays.
void MyFrame::ProcChecker(bool showmessage){
 HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
 if(hSnapShot == INVALID_HANDLE_VALUE) return;

 PROCESSENTRY32 processInfo;
 processInfo.dwSize = sizeof(PROCESSENTRY32);

 int index = 0;
 string procList = "";

 // The walk must start with Process32First; Process32Next continues it.
 if(Process32First(hSnapShot,&processInfo)){
  do{
   index++;
   stringstream indexstr;
   indexstr << index;

   // A per-process module snapshot needs OpenProcess access to that process;
   // for processes the caller cannot open it returns INVALID_HANDLE_VALUE.
   string modulePath = "[access denied]";
   HANDLE modSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, processInfo.th32ProcessID);
   if(modSnapShot != INVALID_HANDLE_VALUE){
    MODULEENTRY32 moduleInfo;
    moduleInfo.dwSize = sizeof(MODULEENTRY32);
    if(Module32First(modSnapShot,&moduleInfo)){
     modulePath = moduleInfo.szExePath;  // first module is the main executable
    }
    CloseHandle(modSnapShot);
   }

   procList += indexstr.str() + ": " + processInfo.szExeFile + " [" + modulePath + "]\r\n";
  } while(Process32Next(hSnapShot,&processInfo));
 }
 CloseHandle(hSnapShot);

 if(showmessage){
  MessageBox(NULL,procList.c_str(),"Processes",MB_OK);
 }
}
```

The problem I'm coming across is that a lot of the processes have restricted access, and I think I need to somehow get higher privileges than the app currently has. I think it has something to do with me needing to create a kernel-mode driver. If someone could point me in the right direction it'd be greatly appreciated! :)

I'm just starting out in C++ so I understand that my current code is probably horrendous :P

+3  A: 

In order to query information about processes that you don't directly have access to, you need to have SeDebugPrivilege*. If this is on Vista, you most likely are running as a standard user and you don't have that privilege. You need to run your program as administrator (note that Task Manager has to run as admin to get information on all processes).

If you are running as admin, the problem is most likely that SeDebugPrivilege is not enabled by default. This is because SeDebugPrivilege is a very dangerous privilege to have all the time. You can enable SeDebugPrivilege by calling the AdjustTokenPrivileges API. This KB article shows how - you can probably find other references on the web.

*SeDebugPrivilege, among other things, is an override to OpenProcess and OpenThread. Toolhelp has to call these functions internally to query information on processes and threads in the system. These functions will check the ACL on the object to see if you have access. A user typically only has been granted permission to processes that they've created. If the calling code has SeDebugPrivilege in its token, OpenProcess and OpenThread will succeed even if the code hasn't been granted access by the ACL.

Michael
Thank you very much :) I'll do some research on it
Mikey