What is "Security" in Process Explorer?

weixin_38048154 2018-08-11 04:21:32
A question for the experts here: in Process Explorer, when I double-click a process and open its properties, I see a Security entry. Is this entry the process's token?
weixin_38065217 2018-08-15
If it is not the process's token, then where in Process Explorer is this process's token? Doesn't a process have a copy of a user's token?
weixin_38050602 2018-08-12
It is the specific permission settings that user accounts or user groups can exercise on this process.

Alexis Zhang
http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
http://blogs.itecn.net/blogs/alexis
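Accessing the forum through the NNTP Bridge newsgroup bridge is recommended.
This post is a reply; the original poster is <0755lws> above;
| A question for the experts here: in Process Explorer, when I double-click a process and open its properties, I see a Security entry. Is this entry the process's token?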
Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as a file, directory or Registry key, or to view the list of processes that have a DLL loaded.

The Process Explorer display consists of two sub-windows. The top always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window, which you can close, depends on the mode that Process Explorer is in: if it is in handle mode you will see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you will see the DLLs and memory-mapped files that the process has loaded.

Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

You can obtain equivalent command-line tools, Handle and ListDLLs, at the Sysinternals Web site.

Process Explorer does not require administrative privileges to run and works on Windows 9x/Me, Windows NT 4.0, Windows 2000, Windows XP, Server 2003, Windows Vista, Windows Server 2008 and on the x64 version of 64-bit Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008.


Optimize Windows system reliability and performance with Sysinternals

IT pros and power users consider the free Windows Sysinternals tools indispensable for diagnosing, troubleshooting, and deeply understanding the Windows platform. In this extensively updated guide, Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis help you use these powerful tools to optimize any Windows system’s reliability, efficiency, performance, and security. The authors first explain Sysinternals’ capabilities and help you get started fast. Next, they offer in-depth coverage of each major tool, from Process Explorer and Process Monitor to Sysinternals’ security and file utilities. Then, building on this knowledge, they show the tools being used to solve real-world cases involving error messages, hangs, sluggishness, malware infections, and much more.

Windows Sysinternals creator Mark Russinovich and Aaron Margosis show you how to:

  • Use Process Explorer to display detailed process and system information
  • Use Process Monitor to capture low-level system events, and quickly filter the output to narrow down root causes
  • List, categorize, and manage software that starts when you start or sign in to your computer, or when you run Microsoft Office or Internet Explorer
  • Verify digital signatures of files, of running programs, and of the modules loaded in those programs
  • Use Autoruns, Process Explorer, Sigcheck, and Process Monitor features that can identify and clean malware infestations
  • Inspect permissions on files, keys, services, shares, and other objects
  • Use Sysmon to monitor security-relevant events across your network
  • Generate memory dumps when a process meets specified criteria
  • Execute processes remotely, and close files that were opened remotely
  • Manage Active Directory objects and trace LDAP API calls
  • Capture detailed data about processors, memory, and clocks
  • Troubleshoot unbootable devices, file-in-use errors, unexplained communication, and many other problems
  • Understand Windows core concepts that aren’t well-documented elsewhere

Table of Contents

PART I: GETTING STARTED
  • Chapter 1 Getting started with the Sysinternals utilities
  • Chapter 2 Windows core concepts
  • Chapter 3 Process Explorer
  • Chapter 4 Autoruns

PART II: USAGE GUIDE
  • Chapter 5 Process Monitor
  • Chapter 6 ProcDump
  • Chapter 7 PsTools
  • Chapter 8 Process and diagnostic utilities
  • Chapter 9 Security utilities
  • Chapter 10 Active Directory utilities
  • Chapter 11 Desktop utilities
  • Chapter 12 File utilities
  • Chapter 13 Disk utilities
  • Chapter 14 Network and communication utilities
  • Chapter 15 System information utilities
  • Chapter 16 Miscellaneous utilities

PART III: TROUBLESHOOTING—“THE CASE OF THE UNEXPLAINED…”
  • Chapter 17 Error messages
  • Chapter 18 Crashes
  • Chapter 19 Hangs and sluggish performance
  • Chapter 20 Malware
  • Chapter 21 Understanding system behavior
  • Chapter 22 Developer troubleshooting
