如果您对Windows如何在引擎盖下运行感到好奇和了解更多,那么您可能会发现自己在想,当没有人登录Windows时,哪个“帐户”活动进程正在运行。有鉴于此,今天的超级用户问答帖子为好奇的读者提供了答案。
今天的问答环节是由SuperUser提供的,SuperUser是Stack Exchange的一个分支,是一个由社区驱动的问答网站分组。
超级用户读者Kunal Chopra想知道无人登录时Windows使用的是哪个帐户:
When no one is logged into Windows and the log in screen is displayed, which user account are the current processes running under (video & sound drivers, login session, any server software, accessibility controls, etc.)? It cannot be any user or the previous user because no one is logged in.
What about processes that have been started by a user but continue to run after logging off (for example, HTTP/FTP servers and other networking processes)? Do they switch over to the SYSTEM account? If a user-started process is switched over to the SYSTEM account, then that indicates a very serious vulnerability. Does such a process run by that user continue to run under that user’s account somehow after they have logged off?
Is this why the SETHC hack allows you to use CMD as SYSTEM?
没有人登录时,Windows使用哪个帐户?
超级用户贡献者grawity为我们提供了答案:
When no one is logged into Windows and the log in screen is displayed, which user account are the current processes running under (video & sound drivers, login session, any server software, accessibility controls, etc.)?
Almost all drivers run in kernel mode; they do not need an account unless they start user-space processes. Those user-space drivers run under SYSTEM.
With regard to the login session, I am sure that it uses SYSTEM as well. You can see logonui.exe using Process Hacker or SysInternals Process Explorer. In fact, you can see everything that way.
As for server software, see Windows services below.
What about processes that have been started by a user but continue to run after logging off (for example, HTTP/FTP servers and other networking processes)? Do they switch over to the SYSTEM account?
There are three kinds here:
If a user-started process is switched over to the SYSTEM account, then that indicates a very serious vulnerability.
It is not a vulnerability because you must already have Administrator privileges to install a service. Having Administrator privileges already lets you do practically everything.
See Also: Various other non-vulnerabilities of the same kind.
请务必通过下面的线程链接阅读此有趣讨论的其余部分!
有什么要补充的解释吗?在评论中发出声音。想从其他精通技术的Stack Exchange用户那里了解更多答案吗?在这里查看完整的讨论主题。
...**或其他计算机上,尝试使用您在PC上使用的Microsoft帐户登录。请确保您在此处键入的电子邮件没有错误。如果您仍然无法进入,请继续重置您的Microsoft密码。请转到Microsoft密码重置页面开始;您甚至可以在秋季创建者更新的登...
...据,请单击第一个屏幕上的下一步以使用您的帐户。若要登录到另一个帐户,请单击“我不是[帐户]”。 ...
...rosoft帐户的另一个好处是设置同步。您的个人设置将在您登录的所有设备上同步,从而节省在每个设备上的时间。 ...
...rosoft帐户(可能您的键盘有卡住的键或类似的东西)。去登录.live.com在您的**或其他计算机上,尝试使用您在PC上使用的Microsoft帐户登录,确保您没有键入任何错误。 ...
...应用程序并登录您的TeamViewer帐户。 查找“无人参与访问”标题并单击三个检查中的每一个,以便使您的Mac即使在您不使用时也可用。 ...
...据。如果你没有看到这个选项,你需要先用你的Google帐户登录Chrome。 ...
Windows 10的安装过程现在强制您使用Microsoft帐户登录。如果你想使用本地用户帐户,微软说你应该在以后从微软转到本地用户帐户。下面是方法。 你需要知道的 有一种方法可以在不使用Microsoft帐户的情况下设置Windows 10。如果...
每次打开计算机时,都必须选择一个用户帐户并登录。在Windows、macOS、Linux甚至Chrome操作系统上都是如此。这就是为什么这对个人电脑是必要的,而不是iPhone、iPad和Android。 它们是为多个用户设计的 现代操作系统是为多个用户...
...选项的复选框,但这会降低您的安全性。如果您的计算机无人看管,任何人都可以连接到具有您的公钥的远程计算机。 输入密码后,您就可以连接到远程计算机。 要再次端到端验证该过程,请使用exit命令断开连接,然后从同...
...应用程序(Win32应用程序) 启动:启动程序的列表,当你登录到你的用户帐户时,Windows会自动启动这些程序。您可以从这里禁用启动程序,不过也可以从“设置”>“应用程序”>“启动”中禁用。 用户:当前登录到你电脑...