描述 SDDL 的正确方法是什么?

What is the correct way to describe SDDL?

提问人:vitkuz573 提问时间:9/6/2023 最后编辑:ppperyvitkuz573 更新时间:9/12/2023 访问量:32

问:

这是我第一次使用 SDDL。我需要让除管理员以外的任何用户都无法终止该进程,但实际效果并非如此。

using System.ComponentModel;
using RemoteMaster.Client.Abstractions;
using RemoteMaster.Client.Core.Abstractions;
using RemoteMaster.Client.Core.Extensions;
using RemoteMaster.Client.Services;
using Windows.Win32.Foundation;
using Windows.Win32.Security.Authorization;
using static Windows.Win32.PInvoke;

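/// <summary>
/// Host entry point: applies a restrictive DACL to the current process, then
/// registers the client services, maps the hubs and runs the web application.
/// </summary>
internal class Program
{
    /// <summary>
    /// Hardens the process, builds the web application and runs it until shutdown.
    /// </summary>
    /// <param name="args">Command-line arguments forwarded to the application builder.</param>
    private static void Main(string[] args)
    {
        // Apply the DACL before the host starts. app.Run() blocks until the application
        // shuts down, so a call placed after it would only execute while the process is
        // exiting and the process would run unprotected for its whole lifetime.
        ProtectCurrentProcess();

        var builder = WebApplication.CreateBuilder(args).ConfigureCoreUrls();

        builder.Services.AddCoreServices();
        builder.Services.AddSingleton<IScreenCapturerService, BitBltCapturer>();
        builder.Services.AddSingleton<ICursorRenderService, CursorRenderService>();
        builder.Services.AddSingleton<IInputService, InputService>();
        builder.Services.AddSingleton<IPowerService, PowerService>();

        var app = builder.Build();

        app.MapCoreHubs();

        app.Run();
    }

    /// <summary>
    /// Replaces the DACL of the current process with one built from an SDDL string.
    /// </summary>
    /// <remarks>
    /// SDDL used: <c>D:P</c> marks the DACL as protected (no inherited ACEs),
    /// <c>(A;;GA;;;BA)</c> allows GENERIC_ALL to BUILTIN\Administrators and
    /// <c>(D;;GA;;;WD)</c> denies GENERIC_ALL to Everyone. ACEs are evaluated in the order
    /// listed, so the allow ACE has to stay ahead of the deny ACE for administrators to
    /// keep access; this is not the canonical deny-first order.
    /// A DACL is not a complete defence against termination: the object owner implicitly
    /// keeps WRITE_DAC and can rewrite the DACL, and a caller holding SeDebugPrivilege can
    /// still open the process.
    /// </remarks>
    /// <exception cref="Win32Exception">
    /// Thrown when the SDDL string cannot be converted, when the resulting descriptor
    /// carries no DACL, or when the DACL cannot be applied to the process.
    /// </exception>
    private static unsafe void ProtectCurrentProcess()
    {
        const uint DACL_SECURITY_INFORMATION = 0x00000004;
        const uint SDDL_REVISION_1 = 1;

        using var currentProcess = GetCurrentProcess_SafeHandle();

        // NOTE(review): the Win32 documentation states that the returned descriptor must be
        // released with LocalFree; nothing in this method frees sd.
        if (!ConvertStringSecurityDescriptorToSecurityDescriptor("D:P(A;;GA;;;BA)(D;;GA;;;WD)", SDDL_REVISION_1, out var sd, null))
        {
            throw new Win32Exception();
        }

        // NOTE(review): when the call succeeds but daclPresent is false, the last-error
        // value may not describe the failure - confirm what the parameterless
        // Win32Exception reports in that case.
        if (!GetSecurityDescriptorDacl(sd, out var daclPresent, out var pDacl, out var defaultDacl) || !daclPresent)
        {
            throw new Win32Exception();
        }

        // NOTE(review): *pDacl passes the ACL by value. An ACL is a fixed-size header followed
        // in memory by its ACEs; if this CsWin32 overload marshals a copy of the struct, only
        // the header is copied and the ACE list is lost. Confirm against the generated
        // signature and prefer the overload that takes the ACL pointer if that is the case.
        var result = SetSecurityInfo(currentProcess, SE_OBJECT_TYPE.SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, default, default, *pDacl, null);

        if (result != WIN32_ERROR.ERROR_SUCCESS)
        {
            throw new Win32Exception((int)result);
        }
    }
}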

我不排除错误不仅出在 SDDL 字符串本身,也可能出在应用它的方式上。我使用的是 CsWin32。

C# 安全性



答: 暂无答案