PeteGO
Reputation: 5791
When to use Process.EnterDebugMode
On the MSDN page about Process.EnterDebugMode it says:
Some operating system processes run in a special mode. Attempting to read properties of or attach to these processes is not possible unless you have called EnterDebugMode on the component.
What is the special mode that is referred to here?
Upvotes: 5
Views: 2281
Answers (1)
Justin Dearing
Reputation: 14938
The "special mode" is simply adding SeDebugPrivilege. As Raymond Chen points out, If you grant somebody SeDebugPrivilege, you gave away the farm.
A user with SeDebugPrivilege can connect to any process and debug it. When you debug a process you can inject code into it. So from a security point of view, the user is basically an administrator.
Upvotes: 6
Related Questions
- When to use DebuggerDisplayAttribute
- How to debug C# process
- (How) does debugging change the workflow of the program?
- What are the benefits of using System.Diagnostics.Debugger.Break() over Attach to Process?
- Debug Mode vs Start without Debugging
- C# debugging a target process
- Where do we use Debug/Trace statements
- Debugging an ongoing .net process
- Debug vs Trace in C#
- Debugging a Process.Start()'ed application