For a little bit now I've been struggling with an issue involving
OpenProcess and CreateToolhelp32Snapshot. The issue revolves around a
single process returning ERROR_ACCESS_DENIED when I attempt to either call
CreateToolhelp32Snapshot on the process or OpenProcess. The target process
has Medium Integrity, is running in Session 1, is not protected, and is
being run as a standard user on Vista. My process that is attempting to
view the target process has all of the same permissions and is being run as
a standard user on Vista.

What I do not understand is that my process can call
CreateToolhelp32Snapshot on every other process of the same integrity level
on my test machine except one. My process has enabled debug permissions, so
that isn't an issue. It just doesn't seem to have permissions, but why? Is
there a way to design a process in windows Vista to prohibit
CreateToolhelp32Snapshot or OpenProcess from being called on it, even if
they normally could be called?

Note: If I run my process as an administrator, it is able to view the
target process fine. However, I obviously don't want to require my process
be run as an administrator just to view the modules loaded into other
processes.

Aaron Moore wrote:

Is the particular process a Windows (system) process ?
Have you checked all the privileges needed (by code or with process
explorer) ?

Thank you Pual for the response. The Process is not a system process and up
to now I checked all priviledges and they seemed ok.

However, I think I found something new about the process I'm trying to call
OpenProcess on. The process seems to have its Access Control Entry set to
deny \Everyone. Just this one process. How would you set this? How could
you remove this? I found this out using Microsoft's Standard User Analyzer.
It reported this Warning mesage on the process: 'Deny Access Control Entry
(ACE) Encountered. Open Porcess: pid (process id #) denies
'PROCESS_VM_READ' to \Everyone'.

Can anyone help with this?

"paul" lisp.com> wrote in message news:fvo31j$1ek$1@aioe.org...