CAccessToken::CreateProcessAsUser

Call this method to create a new process running in the security context of the user represented by the CAccessToken object.

bool CreateProcessAsUser( 
   LPCTSTR pApplicationName, 
   LPTSTR pCommandLine, 
   LPPROCESS_INFORMATION pProcessInformation, 
   LPSTARTUPINFO pStartupInfo, 
   DWORD dwCreationFlags = NORMAL_PRIORITY_CLASS, 
   bool bLoadProfile = false, 
   const CSecurityAttributes* pProcessAttributes = NULL, 
   const CSecurityAttributes* pThreadAttributes = NULL, 
   bool bInherit = false, 
   LPCTSTR pCurrentDirectory = NULL  
) throw( );

Parameters

  • pApplicationName
    Pointer to a null-terminated string that specifies the module to execute. This parameter may not be NULL.

  • pCommandLine
    Pointer to a null-terminated string that specifies the command line to execute.

  • pProcessInformation
    Pointer to a PROCESS_INFORMATION structure that receives identification information about the new process.

  • pStartupInfo
    Pointer to a STARTUPINFO structure that specifies how the main window for the new process should appear.

  • dwCreationFlags
    Specifies additional flags that control the priority class and the creation of the process. See the Win32 function CreateProcessAsUser for a list of flags.

  • bLoadProfile
    If true, the user's profile is loaded with LoadUserProfile.

  • pProcessAttributes
    Pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new process and determines whether child processes can inherit the returned handle. If pProcessAttributes is NULL, the process gets a default security descriptor and the handle cannot be inherited.

  • pThreadAttributes
    Pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new thread and determines whether child processes can inherit the returned handle. If pThreadAttributes is NULL, the thread gets a default security descriptor and the handle cannot be inherited.

  • bInherit
    Indicates whether the new process inherits handles from the calling process. If true, each inheritable open handle in the calling process is inherited by the new process. Inherited handles have the same value and access privileges as the original handles.

  • pCurrentDirectory
    Pointer to a null-terminated string that specifies the current drive and directory for the new process. The string must be a full path that includes a drive letter. If this parameter is NULL, the new process will have the same current drive and directory as the calling process.

Return Value

Returns true on success, false on failure.

Remarks

CreateProcessAsUser uses the CreateProcessAsUser Win32 function to create a new process that runs in the security context of the user represented by the CAccessToken object. See the description of the CreateProcessAsUser function for a full discussion of the parameters required.

For this method to succeed, the CAccessToken object must hold AssignPrimaryToken (unless it is a restricted token) and IncreaseQuota privileges.

Requirements

Header: atlsecurity.h

See Also

Reference

CAccessToken Class