8

A process ID is a number that uniquely identifies a process. A process handle is also a number that uniquely identifys a process kernal object.

Why do we need them both since either of them can identify a process.

I think the answer may lie in the mapping relationship betweeen a process and a process kernel object. Is it true that more than one process kernel objects can be mapped to a single process? And each process kernel object has its own process handle. So that each of the process kernel object could represent different access mode or things like that.

This question came to me when I am using the MiniDumpWriteDump() function, which is declared like this:

BOOL WINAPI MiniDumpWriteDump(
  __in  HANDLE hProcess,
  __in  DWORD ProcessId,
  __in  HANDLE hFile,
  __in  MINIDUMP_TYPE DumpType,
  __in  PMINIDUMP_EXCEPTION_INFORMATION ExceptionParam,
  __in  PMINIDUMP_USER_STREAM_INFORMATION UserStreamParam,
  __in  PMINIDUMP_CALLBACK_INFORMATION CallbackParam
);

So it's parameters include both process id and process handle. I just don't know why it's necessary to have them both.

Many thanks for your insights.

smwikipedia
  • 61,609
  • 92
  • 309
  • 482

2 Answers2

5

Process Handle is

  1. Arbitrary
  2. Internal to process that acquired it. Private and can't be shared between threads/processes
  3. It carries security access rights too

While Process ID is

  1. Unique
  2. Universal, public, so it can be shared between threads/processes
Faheem
  • 3,429
  • 19
  • 26
  • 2
    note that you can inherit and duplicate handles into other processes, so 2 is not entierly correct. – DennyRolling Nov 08 '10 at 02:50
  • Nod. If SECURITY_ATTRIBUTES.bInheritHandle is set to true in CreateProcess API, a child process can get handle of it's parent process with full access rights. AFAIK, parent process can't share handles of any other processes it might have. Please correct me if my understanding is wrong. – Faheem Nov 08 '10 at 03:27
  • 2
    Win32 `HANDLE`-s **can** be shared between threads. The only exceptions are the pseudo-handles, such as returned by `GetCurrentThread`. Plus I'd add the `HANDLE`-s need to be closed, since they actually reference a system resource. – valdo Nov 08 '10 at 11:35
  • Faheem: one can duplicate any handle into another process. Check out http://msdn.microsoft.com/en-us/library/ms724251(VS.85).aspx – DennyRolling Dec 02 '10 at 16:22
  • A process ID is not truly unique since it can be (and often is) recycled once the process is terminated. – rory.ap Jan 20 '15 at 17:32
3

the difference is that 'id' is system-wide number which uniquely identifies the process. 'handle' on the other hand is an opaque value which connects process and access to that process to your program. you can potentially have multiple different handles to the same process.

I don't know why MiniDumpWriteDump takes both.

DennyRolling
  • 476
  • 3
  • 9