微软有出可测试程式所使用之系统权限之工具 (两个都要装)： Microsoft Standard User Analyzer http://www.microsoft.com/downloads/details.aspx ?FamilyId=DF59B474-C0B7-4422-8C70-B0D9D3D2F575&displaylang=en Microsoft Application Verifier http://www.microsoft.com/downloads/details.aspx ?FamilyID=bd02c19c-1250-433c-8c1b-2619bd93b3a2&DisplayLang=en 它可以用於 XP/2003/Vista，要测 Vista 上的权限还是得在 Vista 上执行才有意义。 我测伪虾米在 Vista 上所得的结果，我自己是看不懂， 不晓得对 Luke 大大有没有帮助…我猜是没有… :-D 这讯息有两个： The application performed a hard administrator check. Called CheckTokenMembership against trusted entity 'NT AUTHORITY\SYSTEM' (not present) Stack Trace: vfluapriv2!VerifierQueryLayerBreaks+9c1 vfluapriv2!VerifierRegisterLayerEx+c67 IMM32!CtfImmGetTMAEFlags+381 IMM32!CtfImmGetTMAEFlags+39 IMM32!CtfImmGetTMAEFlags+10c IMM32!ImmLockIMC+f IMM32!ImmSetActiveContext+337 USER32!GetForegroundWindow+45 USER32!GetKeyboardLayout+396 USER32!GetKeyboardLayout+343 USER32!GetKeyboardLayout+638 USER32!KillTimer+5286 USER32!KillTimer+5226 USER32!GetClipboardFormatNameA+dc USER32!IsRectEmpty+4f ntdll!KiUserCallbackDispatcher+2e USER32!KillTimer+5286 USER32!DefDlgProcW+e01 USER32!DefDlgProcW+aa USER32!DefDlgProcW+22 USER32!KillTimer+5286 USER32!KillTimer+5226 USER32!GetClientRect+154 USER32!DefDlgProcW+d04 USER32!DefDlgProcW+460 USER32!SoftModalMessageBox+51a USER32!MessageBoxTimeoutW+1e6 USER32!MessageBoxIndirectA+c2 msvbvm60!BASIC_DISPINTERFACE_GetTICount+a357 msvbvm60!BASIC_DISPINTERFACE_GetTICount+a1d3 msvbvm60!BASIC_DISPINTERFACE_GetTICount+a4ce msvbvm60!IID_IVbaHost+35388 这讯息有一个： Access was restricted to trusted users only. CreateFileW: File (\Device\NamedPipe\lsass) only grants requested 'FILE_APPEND_DATA' to 'BUILTIN\Administrators' Stack Trace: vfluapriv2!+6ebc36f2 vfluapriv2!+6ebc3bd1 vfluapriv2!+6ebc3d5e vfluapriv2!+6ebc3e18 vfluapriv2!+6ebc3e7f vfluapriv2!+6ebc3f98 vfluapriv2!+6ebc46e4 RPCRT4!NdrPointerBufferSize+20f4 RPCRT4!NdrPointerBufferSize+1931 RPCRT4!NdrPointerBufferSize+1786 RPCRT4!NdrPointerBufferSize+160f RPCRT4!NdrPointerBufferSize+155c RPCRT4!NdrPointerBufferSize+567 RPCRT4!NdrPointerBufferSize+49a RPCRT4!I_RpcGetBufferWithObject+48 RPCRT4!I_RpcGetBuffer+f RPCRT4!NdrGetBuffer+2e RPCRT4!NdrClientCall2+11c ADVAPI32!LsaOpenPolicy+d1 ADVAPI32!LsaOpenPolicy+45 ADVAPI32!LsaFreeMemory+15a ADVAPI32!LsaFreeMemory+ff ADVAPI32!ConvertStringSecurityDescriptorToSecurityDescriptorW+bc ADVAPI32!ConvertStringSecurityDescriptorToSecurityDescriptorW+2e MSCTF!TF_CreateCategoryMgr+202 MSCTF!TF_CreateCategoryMgr+170 MSCTF!TF_CreateCategoryMgr+3b6 MSCTF!TF_AttachThreadInput+1d7 MSCTF!TF_AttachThreadInput+6b7 MSCTF!TF_DllDetachInOther+6abb MSCTF!DllCanUnloadNow+3a56 USER32!KillTimer+5286 -- ChrisTorng http://spaces.msn.com/ChrisTorng ChrisTorng Test Addin: Windows Live Messenger 8.0.0683 的测试外挂 --

※ 发信站: 批踢踢实业坊(ptt.cc) ◆ From: 203.75.28.114