I'm looking for a method to drop process rights for security reasons. I want to start as user with privileges and end as limited user.
For example I want my web server to run under restricted user by I still want to listen on port 80.
How can I do such things under Windows. Something similar to Unix's:
bind_to_80();
chroot("/some/limited/dir");
setuid(limited_user_id);
setgid(limited_group_id);
chroot("/some/limited/dir");
// drop some more rights
fork(); // now I can't come back
How can I do something similar under Windows?
Edit: Of course I understand that Windows does not have fork or chroot, but I'm looking for dropping various rights, especially user - best practices.
Take a look at Mark Russinovich's description of stripping privileges under Windows using CreateRestrictedToken and CreateProcessAsUser. As he explains, this isn't bulletproof since the account under which the process is running still retains its privileges.
And of course, his PsExec sysinternals utility helps you strip away at least Administrator privileges, without requiring coding.
For an existing process, it seems AdjustToken and AdjustTokenGroup permit manipulation (the former apparently requires XPSP2 or higher), but require privileges themselves... it might be possible to commit privilege seppuku this way, but I haven't tried them: they might barf on manipulating privileges of the current process.
来源:https://stackoverflow.com/questions/3966536/dropping-process-rights-under-windows