I use File.GetAccessControl(ProcessName).GetOwner(typeof(SecurityIdentifier)).Translate(typeof(NTAccount)).tostring();
to get the owner of a process running in the task manager but it returns "Builtin\Administrators" while the process I queried was an installed program's running instance that is runnable without an administrative privilege. Why is that ? Besides, I expect a better string returned i.e "System" or "Local network service" instead of fake Builtin\Administrators.
I tested this method with all other processes and I'm surprised to find only my opening notepad instance is supposed to be of my computer's username.
Asked
Active
Viewed 170 times
0
Real Bite of Life
- 93
- 1
- 12
1 Answers
1
I believe you are querying the file itself not the running process. You'll need to do something like this How do I get the SID / session of an arbitrary process?
