Internet Explorer 在以中等完整性级别运行的单独 iexplore.exe 进程中分别启动 Intranet 和受信任站点。
有没有办法确定 iexplore.exe 进程的特定安全区域?
我正在开发一个任务管理器工具,并希望区分不同的安全区域 Restricted、Internet、Intranet 和 Trusted 之间的 iexplore.exe 进程。
问问题
86 次
1 回答
0
I believe you are looking for the IInternetSecurityManager::MapUrlToZone method. Yes, it's C++ and, yes, it's, er...complicated.
Update, based on the comment:
Security zones are URL-based; process isolation is more to do with protected mode, integrity levels, and AppContainer permissions. Not all details are available through public APIs for security reasons.
IIRC, the short answer you're looking for involve searching access tokens for specific SIDs (security descriptors) (context here). But, that's going to need further context to fully understand. You'll want to read the full collection of articles and then backfill some of the details using EricLaw's highly detailed backgrounders. (That's two separate links, BTW).
If searching for the SID doesn't lead you to the answer you're looking for, the larger collection of related "how-to" tasks may help.
Hope this helps...
-- Lance
于 2015-05-02T07:13:06.927 回答