如何为 SetWindowsHookEx() 设置 ACL? [英] How to set ACL for SetWindowsHookEx()?

问题描述

可以在 Windows XP 中为所有键盘/鼠标事件设置挂钩:

It was possible to set a hook on all keyboard/mouse events in Windows XP:

 SetWindowsHookEx(WH_JOURNALRECORD, (HOOKPROC)JournalLogProc, GetModuleHandle(NULL), 0);

...但在 Windows 7 中，SetWindowsHookEx 返回 5(访问被拒绝).

... but in Windows 7, SetWindowsHookEx returning 5 (access denied).

如何设置功能需要的权限/ACL?即使我以管理员身份"运行我的程序，我也遇到了同样的访问被拒绝"错误.

How to set permissions/ACLs the function need? I got the same "access denied" error even if I run my program "As Administrator".

推荐答案

Hook 不是安全对象，因此您不能为它们设置 ACL.在 Win7 中出现错误的原因是因为在 Vista 中引入的 UAC 改变了日志挂钩的一般使用规则.

Hooks are not securable objects, so you cannot set an ACL for them. The reason you are getting an error in Win7 is because UAC, which was introduced in Vista, changes the rules of how journal hooks can be used in general.

日志钩子只能由提升的进程设置，并且该进程必须绕过用户界面特权隔离 (UIPI) 使用设置 uiAccess=True 的 UAC 清单.请注意，设置 uiAccess=True 有其他影响，因此请确保您了解它的实际作用(请参阅 Windows 完整性机制设计 了解详情).仅仅以管理员身份运行应用程序是不够的.

A journal hook can only be set by an elevated process, and also the process must bypass User Interface Privilege Isolation (UIPI) by using a UAC manifest that sets uiAccess=True. Note that setting uiAccess=True has other ramifications, so be sure you understand what it actually does (see Windows Integrity Mechanism Design for details). It is not enough to simply run the app as an admin anymore.

唯一的其他解决方法是手动更改计算机的安全策略以完全禁用 UAC，或减少 UAC 设置中的某些安全限制.

The only other workaround is to manually change the security policies of the machine to either disable UAC altogether, or to reduce certain security restrictions in the UAC settings.

这篇关于如何为 SetWindowsHookEx() 设置 ACL?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！