On Apr 18, 9:29 pm, sturlamolden <[EMAIL PROTECTED]> wrote: > On 18 Apr, 21:28, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > > > Passing a NULL SectionHandle to NTCreateProcess/CreateProcessEx > > results in a fork-style copy-on-write duplicate of the current process. > > I know about NtCreateProcess and ZwCreateProcess, but they just create > an empty process - no context, no thread(s), no DLLs loaded, etc. > There is even an example code of how to implement fork() with > ZwCreateProcess in Nebbet's book on NT kernel internals, but > apparently it doesn't work quite well.
It works fine for a copy-on-write process creation. It doesn't work 100% compatibly to fork. Nebbet is the best reference out there on the method. FWIW, NT's POSIX subsytem fork() uses (or used to use) the NULL SectionHandle method and was POSIX certified, so it's certainly possible. > Searching with Google, I find several claims that there is a > "CreateProcessEx" Yeah my bad, I meant zwCreateProcess. It's been almost a decade now since I used it. -- http://mail.python.org/mailman/listinfo/python-list
