以编程方式模拟“系统"-用户 [英] Simulating "System"-User programatically

问题描述

程序员您好，

我需要访问已装载映像上受NTFS保护的文件夹，并且不能更改任何属性(拥有所有权).从我所看到的情况来看，总是会添加一个系统"用户，该用户还可以访问系统卷信息"之类的文件夹.

有谁知道如何通过C ++模拟"成为系统用户.


干杯，安迪

Hello fellow programmers,

I need to access NTFS-protected folders on mounted images and can''t change any attributes (taking ownership). From what I have seen there is always a "System"-user added which can also access folders like "System Volume Information".

Does anyone know how to "simulate" being a System-user via C++.


Cheers, Andy

推荐答案

Windows中没有系统(root)用户的概念.不过有什么帮助呢?

Windows管理员只是具有提升特权的普通用户.已为预定义的管理员组的成员分配了一组默认特权，即全部.

现在，您所谓的模拟"将以一个用户身份登录，但获得其他一些特权更高的用户的特权.您只能为一个应用程序执行此操作，而该应用程序可以使用不同的凭据运行".自然，您将需要为不同的凭据提供用户名和密码-无论您做什么.

这不是很明显吗，如果有人编写一些代码来解决此过程，那将完全破坏系统安全性的目的吗?只有在没有解决方法时，安全性才作为安全性有价值.

—SA

There is no concept of a system (root) user in Windows. How would it help though?

Windows administrator is just a regular user with elevated privileges. There is a default set of privileges assigned to the members of predefined administrators group, that''s all.

Now, what you call "simulating" would be logging as one user but getting privileges of some other, more privileges user. You can do it for just one application which you can "Run with different credentials". Naturally, you will nee to provide a user name and a password for different credentials — whatever you do.

Isn''t that obvious, that if there was a was to write some code to work around this procedure it would completely defeat the purpose of system security? Security is only valuable as security when there is no work-around.

—SA

这篇关于以编程方式模拟“系统"-用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！