Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / Languages / Managed C++ / May 2004

Tip: Looking for answers? Try searching our database.

CreateProcess question

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
kal - 08 May 2004 20:28 GMT
Hi,

I am trying to write an application that will launch a second application
using CreateProcess...

SECURITY_ATTRIBUTES sa;
STARTUPINFO si;
PROCESS_INFORMATION pi;

::ZeroMemory( &sa, sizeof(sa) );
sa.nLength = sizeof(sa);
sa.lpSecurityDescriptor = NULL;
sa.bInheritHandle = TRUE;

::ZeroMemory( &si, sizeof(si) );
si.cb = sizeof(si);

::ZeroMemory( &pi, sizeof(pi) );

// Start the child process.
if ( !CreateProcess(
   NULL,
   "C:\\second_app.exe",
   &sa,
   &sa,
   TRUE,
   0,
   NULL,
   "C:\\",
   &si,
   &pi )
)
{
   return;
}

What I want to do is monitor the second process for file read/write, in
other words if the second application interacts with the file system at all,
I want to know how and where, and place that information into a log file. I
know CreateProcess gives me...

pi.dwProcessId
pi.dwThreadId
pi.hProcess
pi.hThread

How can I do this? Any suggestions, ideas are greatly appreciated.

Thanks,
Kal
Reply to this Message
Jerry Coffin - 09 May 2004 08:22 GMT
[ ... ]

> What I want to do is monitor the second process for file read/write, in
> other words if the second application interacts with the file system at all,
> I want to know how and where, and place that information into a log file. I
> know CreateProcess gives me...

Write the parent as basically a debugger.  Set Breakpoints in the
child on the functions you care about, and when they're called, your
parent will receive control.

Of course, writing a debugger is a somewhat non-trivial task, but it
looks to me like about the most reasonable way to accomplish what
you're asking for.

Signature

   Later,
   Jerry.

The universe is a figment of its own imagination.

Reply to this Message
andrea catto' - 10 May 2004 17:29 GMT
you'll need a specific privilege to begin with,
and you'll need to also programmatically obtain too,
it's the debug privilege (I am assuming you are using NT based OSes and
2000, XP).
you'll need to get a token to the process and so on...
these are just hints, I got the code but it's too long to attach

> Hi,
>
[quoted text clipped - 46 lines]
> Thanks,
> Kal
Reply to this Message
Ronald Laeremans [MSFT] - 10 May 2004 20:07 GMT
Hi Andrea,

That is not correct. You don't need the debug privilege to debug a process
you are starting up as a debuggee yourself.

Ronald Laeremans
Visual C++ team

> you'll need a specific privilege to begin with,
> and you'll need to also programmatically obtain too,
[quoted text clipped - 55 lines]
>> Thanks,
>> Kal
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.