On 1/14/21, Tim Roberts <t...@probo.com> wrote:
> On Jan 13, 2021, at 8:07 PM, Pongthorn Sangkaphet
>
>> I have tried already but error
>>
> That’s 0x80070005, which is ERROR_ACCESS_DENIED. Have you tried running
> this from an elevated process?

The default security descriptor of a task grants all access to administrators, and the principal user of the task is granted read access. Implicitly, however, the principal can execute a task as long as the task security grants read access. Because the principal user can execute a task, this allows an administrator to configure a task to run elevated (i.e. with highest privileges) as the administrator user, which bypasses UAC (e.g. when executed via schtasks /run from a restricted security context). If the principal user has the batch logon right, then the task can also run in the services session (i.e. the option to run whether or not the user is logged on), but that's not pertinent to the question of execute access.

If you need to allow some other user to read and execute a task (e.g. to bypass UAC in the context of the principal user), then you'll need to grant that user file read (FR) and execute (FX) access. Begin by retrieving the task's DACL_SECURITY_INFORMATION (4) in SDDL form from GetSecurityDescriptor [1]. You can convert this string to an SD record to work with it programmatically, or simply append an allow ACE in SDDL form, such as "(A;;FRFX;;;<string SID>)". Then write the new DACL via SetSecurityDescriptor.

---
[1] https://docs.microsoft.com/en-us/windows/win32/taskschd/registeredtask
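
The procedure described in the reply above, as an added example that is not part of the original post: it reads the task's DACL as SDDL, adds the "(A;;FRFX;;;<string SID>)" ACE, and writes it back. It assumes pywin32's `win32com` on Windows in an elevated process; the function names, the SID validation, and the `0` flags argument to SetSecurityDescriptor are assumptions of this example.

```python
import re

DACL_SECURITY_INFORMATION = 4            # value given in the post
SID_RE = re.compile(r"S-1-\d+(-\d+)+")   # numeric string SIDs only (example's choice)


def add_read_execute_ace(sddl, sid):
    """Return the SDDL with an allow FR+FX ACE for sid added to the DACL."""
    # Validate the SID so a caller-supplied value cannot smuggle in extra
    # ACEs, e.g. "S-1-5-18)(A;;FA;;;WD".
    if not SID_RE.fullmatch(sid):
        raise ValueError("not a numeric string SID: %r" % sid)
    if not sddl.startswith("D:"):
        raise ValueError("expected DACL-only SDDL (request value 4)")
    ace = "(A;;FRFX;;;%s)" % sid
    if ace in sddl:                      # already granted in this exact form
        return sddl
    # The ACE must land in the DACL: if a top-level "S:" (SACL) section
    # follows, insert before it instead of appending to the string end.
    depth = 0
    for i, ch in enumerate(sddl):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        elif depth == 0 and i > 0 and sddl.startswith("S:", i):
            return sddl[:i] + ace + sddl[i:]
    return sddl + ace


def grant_task_read_execute(task_path, sid):
    """Apply the change to a registered task; returns (old, new) SDDL."""
    import win32com.client               # pywin32, Windows only
    service = win32com.client.Dispatch("Schedule.Service")
    service.Connect()
    folder, _, name = task_path.rpartition("\\")
    task = service.GetFolder(folder or "\\").GetTask(name)
    old = task.GetSecurityDescriptor(DACL_SECURITY_INFORMATION)
    new = add_read_execute_ace(old, sid)
    if new != old:
        task.SetSecurityDescriptor(new, 0)   # flags=0 is this example's choice
    return old, new                      # keep old for audit or rollback


if __name__ == "__main__":
    # Constructed placeholders: substitute a real task path and user SID.
    print(grant_task_read_execute("\\ExampleTask", "S-1-5-21-1-2-3-1001"))
```

Keeping the returned old SDDL lets you log who was granted execute access and restore the original DACL later.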