_STARTPID & @PID[] after START /ELEVATED

May 20, 2008
11,437
99
Syracuse, NY, USA
I'm afraid that the Windows security isn't quite as pitiful as you would like it to be ...
I don't understand your remark. TASKLIST shows the PID of a process started with "START /ELEVATED" so I'd think @PID[] should be able to get it. I don't know about START/_STARTPID ... Does it use CreateProcess()?
 

rconn

Administrator
Staff member
May 14, 2008
12,369
150
It does not use CreateProcess(); that API cannot start elevated tasks from a non-elevated process. START /elevated uses ShellExecuteEx(), which does not return a PID. It does return a process handle, but Windows will not let a non-elevated process query process information for an elevated process. (It'd be a useless pile of security junk if it did allow that!)
 
May 20, 2008
11,437
99
Syracuse, NY, USA
What about @PID[]?
 

rconn

Administrator
Staff member
May 14, 2008
12,369
150
What about it?

If you're an admin user, @PID will use an undocumented API to return a pseudo-PID (not the real one, but one that Windows will associate with the process).

However, it's useless, because you cannot actually do anything with the PID. Even if you had the real one, Windows will still not let you do anything with that PID unless you're running in an elevated process. (In which case, TCC would have used CreateProcess(), and this whole exercise would have been pointless.)

So unless you just like to look at PIDs and imagine what you would do with them if you could actually do anything with them (and you can't), you can just substitute @RANDOM.
 
May 20, 2008
11,437
99
Syracuse, NY, USA
As an admin under UAC, @PID[elevated] is 0. Running elevated, it returns the actual PID ... the one seen in TaskMgr.

And that PID's not entirely useless. My WHICHWIN can filter on it to show its (and only its) windows. There's probably more you could do with it (but probably nothing too exciting).
 
May 24, 2010
855
0
Northlake, Il
Vince, I am not quite sure what you meant when you said "As an admin user UAC". If you are running Windows 7 (and I tend to believe that you are from previous postings but I could be wrong) there are no "true" "Administrative" users unless you "dug up", "revived", and unhid the true "Administrator" account. First user created on a Windows 7 machine is only a pseudo-administrator (i.e., will be bugged by UAC unless UAC is turned off), and programs that were not launched "elevated" are not administrative at all, and have no "access" to administrative things. - Dan
 
May 20, 2008
11,437
99
Syracuse, NY, USA
That's me ... the pseudo-admin ... and I can do a lot without having to ask or reply to UAC at all ... run any of the MSC plugins (configure services, change security policy), configure network stuff, and more. I can seamlessly do nearly anything "administrative" (except set the time) without dealing with UAC.
 
May 24, 2010
855
0
Northlake, Il
Vince, Please excuse me if this is a stupid question. Didn't you have to turn UAC off entirely for that to be the case? I haven't turned mine off because it helps to keep me from making stupid mistakes (which, as I have said previously, I'm quite fond of). I do keep an "Elevated" TCC session running at all times, but I try real hard to avoid using it when I don't actually require administrative privileges. - Dan
 
May 20, 2008
11,437
99
Syracuse, NY, USA
No, I have not turned UAC off. It simply lets me do those things. If you are the "pseudo-admin" just type something like "services.msc" or "secpol.msc" (+ enter) in the start menu.
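
The difference discussed in the last few posts, between an administrator account's unelevated session and an elevated one, is visible in the token's group list. The PowerShell below is an added example, not part of the thread and not TCC code; the function name is hypothetical, and it assumes English-language `whoami` output (CSV columns `SID` and `Attributes`).

```powershell
# Added example: classify the current session from its access-token groups.
# Assumption: English-language whoami output (CSV columns "SID", "Attributes").
function Get-SessionElevationState {
    $groups = whoami /groups /fo csv | ConvertFrom-Csv

    # BUILTIN\Administrators has the well-known SID S-1-5-32-544.
    $admins = $groups | Where-Object { $_.SID -eq 'S-1-5-32-544' }

    # Mandatory integrity labels are SIDs of the form S-1-16-<level>.
    $label = $groups | Where-Object { $_.SID -like 'S-1-16-*' } |
        Select-Object -First 1
    $level = switch ($label.SID) {
        'S-1-16-4096'  { 'Low' }
        'S-1-16-8192'  { 'Medium' }
        'S-1-16-12288' { 'High' }
        'S-1-16-16384' { 'System' }
        default        { "Unknown ($($label.SID))" }
    }

    $state = if (-not $admins) {
        'Standard user: Administrators is not in the token'
    } elseif ($admins.Attributes -match 'deny only') {
        # UAC filtered token: the group is present but only usable for deny ACEs.
        'Administrator account, not elevated: Administrators is deny-only'
    } else {
        'Elevated: Administrators is enabled in the token'
    }

    [pscustomobject]@{
        User           = "$env:USERDOMAIN\$env:USERNAME"
        IntegrityLevel = $level
        State          = $state
    }
}

Get-SessionElevationState | Format-List
```

Run it once in a normal prompt and once in an elevated one under the same account: the first reports a Medium integrity level with Administrators deny-only, the second a High integrity level with Administrators enabled.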
 