问题
Having a terrible problem with both IE and Firefox on Win7, a few minutes after cold start or after exiting sleep, beginning a minute or two of intense disk activity, shutting out all other processes, even stopping cursor movement. Can't get to Task Manager to identify culprit, though it has to be IE or Firefox. Want to write a program that watches processes and pauses any process that hijacks the machine. Can EnumProcesses but cannot do OpenProcess or other SeDebugPrivilege related functions because my token, despite being administrator, does not have SeDebugPrivilege. That of course means AdjustTokenPrivileges is ineffective because it can't add privileges, just manipulate existing ones. Several threads on StackOverflow discuss this issue, one mentioning program RunWithDebugEnabled. All I want to do is the same as Visual Studio does: debug another process. How can I put SeDebugPrivilege into my existing token? Norton finds nothing; Norton forums not helpful. MalwareBytes finds nothing. Thanks.
回答1:
Local Security API. Had to burn an MSDN support ticket to learn this. Seems incredible no one else was aware of it.
来源:https://stackoverflow.com/questions/15143796/adding-not-just-enabling-sedebugprivilege