使用PsExec tool在Session 0下运行程序
在Service程序中使用OutputDebugString输出log信息, 在当前用户直接运行DbgView.exe, log信息是不会输出到DbgView窗口的.原因是Server程序运行在Session 0下,而DbgView运行在Session 1下.log信息不会跨Session 0输出到Session 1.
解决办法就是设法将DbgView也运行在Session 0下. 这可以通过PsExec工具达到目的.
E:\Software\_DevTool\PSTools>PsExec.exe -i 0 "E:\Software\_DevTool\PSTools\Dbgview.exe"
// 运行带参数的程序
E:\Software\_DevTool\PSTools>PsExec.exe -i 0 "D:\XX\XXX\XXXX.exe" -c 0 -p 18700 -cp 18701
-i: 指定Session.这里指定Session 0.
运行后,会弹出一个Session 0 与桌面的交互窗口,点击"View the message"进入,就可以看到运行在Session 0 的DbgView.
微软为何将Service与Application分在不同的Session下:
(refer to: http://msdn.microsoft.com/en-us/windows/hardware/gg463353.aspx)
In Windows XP, Windows Server 2003, and earlier versions of Windows, all services run in Session 0 along with applications. This situation poses a security risk.
In Windows Vista, Windows Server 2008, and later versions of Windows, the operating system isolates services in Session 0 and runs applications in other sessions, so services are protected from attacks that originate in application code.
可见,微软是考虑到安全性问题, 将Service安全隔离在Session 0下, 防止application的代码篡改Service.