I have 2 processes. One of them is running under admin account, second – under user account with no permissions to admin processes. They need to see each other and compare the path, from where this processes where executed. But first (user) process can’t get the path of the second process. Getting path using CreateToolhelp32Snapshot -> OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION) -> QueryFullProcessImageName is not applicable because it works in Vista, Win7 and higher, and I need solution for lower versions of Win.
So, how can I give permissions for user process to see the path of admin process, or how can I share privileges of admin process for the user using Access Tokens or using SetNamedSecurityInfo ?
using delphi desirable.
You can alter this, yes (*) – but you really should reconsider your logic. For example, admin process can open shared MMF with predefined name and store any information you need. You can share this MMF to any user or group you want (you should consider giving read-only access only). This is much safer than opening entire process to out world.
(*) In admin process: OpenProcess, get token and security descriptor, modify DACL to include new right for the desired user account or group, set token/SD back.