I would like to call Process.Start with some user having limited-privilege because the run program may contain malicious code. Here I think Everyone should be right to try first and I think that it does not have any associated password.
However the following code will complain about incorrect username or password (of course the username does exist, so looks like it's about the password):
var startInfo = new ProcessStartInfo("some_exe");
startInfo.WorkingDirectory = Environment.CurrentDirectory;
startInfo.UserName = "Everyone";
startInfo.Domain = "mydomain";
startInfo.UseShellExecute = false;
Process.Start(startInfo);
If this is not possible, I have to somehow dynamically create an user account having limited-privilege with full username/password to use for Process.Start.
In .NET core, we cannot use AppDomain to create sandbox, the only recommended approach here is to try branching another process with less/limited privileged.
The SID Everyone is not a user, it's a special system SID (a bit like a group). So you can't use it to "run as".
You need to create a user specifically for that purpose.