0

I am creating a new Desktop in Windows XP/Vista and 7 using win32 API. This is more like having a secure Desktop and I don't want let any other application to be executed in that Desktop.

Well, in Windows XP if I press strg+shift+Esc or strg+alt+ent, in the Desktop which I created, I don't see the task manger on my Desktop but instead on the Default Desktop.

Well, that's ok, but in Windows Vista, doing the same I get the task manager in my Desktop where the user can start another application using File->New task (Run...) menu.

Here is my question, what is the best way to prevent task manager to be displayed in the desktop which I created or even prevent starting it?

1) using the registry key, 2) capturing the key strokes? 3) what else???

Thanks in advance! Gohlool

Gohlool
  • 363
  • 2
  • 5
  • 15
  • Do you want corporate security, or to prevent your child from defeating your net nanny? – Robert Harvey Nov 19 '09 at 00:37
  • Well, I don't get what you really mean, but for info, I am showing some information in my viewer and I don't want that any other software which can use the GetDC(0) call and draw on that DC over my Information to manipulate the information! That's it! – Gohlool Nov 19 '09 at 00:42
  • Is this a program you are destributing to other users? – Robert Harvey Nov 19 '09 at 00:45
  • Yes! The firm is distributing that software! – Gohlool Nov 19 '09 at 00:55
  • See my solution to [how-do-i-stop-an-application-from-opening](http://stackoverflow.com/questions/1284674/how-do-i-stop-an-application-from-opening) This will work fine, I just tested it. – Stephen Nutt Nov 19 '09 at 00:42
  • WOW! That's a nice one! Since it is a entry in HKEY_CURRENT_USER there is no need of Admin privileges. So I can call add the Registry entry as soon I switch the Desktop() make that entry and delete it again when I am ready with my work! I'll give a try! – Gohlool Nov 19 '09 at 01:01
  • Well, I checked your solution again and noticed I was wrong with HKEY_CURRENT_USER! Its HKEY_LOCAL_MACHINE! Well, I already implemented a COM Elevation Moniker! can use that to access the Registry. Well, let see! – Gohlool Nov 19 '09 at 01:06

4 Answers4

2

Group Policy is your friend. Here's how to disable it.

Robert Harvey
  • 178,213
  • 47
  • 333
  • 501
Wayne Hartman
  • 18,369
  • 7
  • 84
  • 116
  • Thanks! But I don't want to disable it for everybody or even for my Desktop! As I said, when I change the Desktop, at that point I want to prevent task manager to be executed or shown in my Desktop, which I created by CreateDesktop() call! – Gohlool Nov 19 '09 at 00:58
2

I assume you are calling CreateDesktop, if so, you should be able to lock down that desktop with a security descriptor that only allows access to your program

Anders
  • 97,548
  • 12
  • 110
  • 164
  • Exactly! I am using CreateDesktop() API CALL! Do you have any hint or sample how to define the security descriptor! I rried but failed! Thanks! – Gohlool Nov 20 '09 at 10:48
1

This probably isn't the best solution, but you could always monitor for task manager and close it

foreach (Process clsProcess in Process.GetProcesses()) {
        if (clsProcess.ProcessName.StartsWith("taskmgr"))
        {
            clsProcess.Kill();
            return true;
        }
    }

Code is in C#

Jeremy Morgan
  • 3,314
  • 23
  • 23
  • Well, thanks for that tip. It's a fine idea! The Problem is that am I going to be fast enough to get the list of processes every let say 50 ms and check for the "taskmgr"? Well, I'll try that! Thanks. – Gohlool Nov 19 '09 at 00:45
-1

rename taskman.exe to somthing else.

Byron Whitlock
  • 52,691
  • 28
  • 123
  • 168