The AppInfo service, which starts consent.exe, use a trick to fake the children process tree when calling CreateProcessAsUser() to make look like the creating process did indeed create the child process, which is false (1). That's well... "non-standard". I don't think that faking the process tree is the way to go, even for "user-friendliness".
So now the only thing we need to know is: How? :)
Reference
#1 "Windows Vista User Account Control Internals", Mark Russinovich
http://www.microsoft.com/emea/msdnshowtime/sessionh.aspx?videoid=360
The information is embeded in Mark's video around minute 37.
---
Update
It seems they pulled the plug of this presentation.
M-A's
technology blog
Subscribe to:
Post Comments (Atom)
Blog Archive
-
▼
2007
(26)
-
▼
February
(11)
- Rationale behind UAC
- Flash on Vista: an example of what will happen oft...
- Vista Recommendations
- UAC Side effects
- Virtualization woes
- The tale of associating .pl as an executable on Wi...
- Using nVidia tools to rotate monitors easily
- Dual tokens: how to complexify a little more the s...
- Process Tree manipulation
- MIC : what they forgot to tell you
- Technical blog
-
▼
February
(11)
No comments:
Post a Comment