Hello,

I'm currently trying to create a process that will have the PROCESS_QUERY_INFORMATION access right. I'm trying to create a new security descriptor to be used with CreateProcess(). However, MSDN is very confusing on this, and I am getting completely bogged down on DACLs and ACEs.

I also can't seem to find any examples relating to processes.

Here is some code I have so far:

Code:
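// Allocate and initialize an absolute-format security descriptor
PSECURITY_DESCRIPTOR pSD;
pSD = (PSECURITY_DESCRIPTOR) LocalAlloc (LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
if (pSD == NULL) {
    PrintLastError();
    return FALSE;
}
InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION);
// DACL marked present but NULL: a NULL DACL places no access restrictions on the object
SetSecurityDescriptorDacl(pSD, TRUE, (PACL)NULL, FALSE);

// SECURITY_ATTRIBUTES struct
SECURITY_ATTRIBUTES sa;
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = pSD;
sa.bInheritHandle = TRUE; // the returned process handle can be inherited by child processes

// Create process without the window
// (&sa is passed as lpProcessAttributes, so the descriptor applies to the new process object)
if (!CreateProcessW(utilityName, parameters, &sa, 0, FALSE, CREATE_PRESERVE_CODE_AUTHZ_LEVEL | CREATE_NO_WINDOW, 0, 0, &siStartupInfo, &piProcessInfo)){
    PrintLastError();
    return FALSE;
}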

I need this access right because the process being created needs to call OpenProcessToken(). If I run the program as seen above, the newly created process just crashes upon hitting OpenProcessToken(). Is this expected behaviour assuming the PROCESS_QUERY_INFORMATION permission isn't set? I don't even know if this is the reason for the crash (I would have thought that it would give me an error message, but I can't think of any other reasons)...