One of the nasty issues with LogProcessExceptions utility was that it was unable to attach to service processes and track them to catch their exceptions.
The actual problem was that the processes were not listed in first place, so there was nothing to attach to. Access and security requirements necessary for a process to debug another process are listed in MSDN DebugActiveProcess article:
The debugger must have appropriate access to the target process, and it must be able to open the process for
PROCESS_ALL_ACCESS.DebugActiveProcesscan fail if the target process is created with a security descriptor that grants the debugger anything less than full access. If the debugging process has theSE_DEBUG_NAMEprivilege granted and enabled, it can debug any process.
The utility did enable the SE_DEBUG_NAME privilege, however it was doing it prior to starting debugging session and after the process of interest was already pointed to by user.
This was insufficient because EnumProcesses only lists service processes (not actually exactly services, but processes running in different security context) in case debug privilege is already enable by the time of the API call. The utility now enabled the privilege well in advance and list the services, so can be effectively applied to those.
Download links:
- Partial Visual C++ .NET 2010 source code: Trac, Subversion
- Binaries: Win32 – LogProcessExceptions.exe, x64 – LogProcessExceptions.exe