Basically, I have an exe app that is installed with priviledges (as in, the user presses the "Allow" button in Vista/Win7 UAC check), then the application starts and sets itself to auto-run so that the application will automatically restart again once the computer is rebooted (all done while elevated). The autostarting is requested by user, and is not enforced upon them.
This reboot instruction is set in the registry, in the CURRENT_USER section as below:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
The problem is, when the computer reboots, Windows will not let it execute unless the user re-authorizes it as an elevated process again (namely, a taskbar icon pops up in the tasktray saying the starting of my EXE/process was prevented, and the user is given the ability to launch the blocked app using menus on the icon in the tasktray).
I would like to add that I have the manifest file integrated into the EXE, so there is no problem on that end, and it registers its intentions accurately in the XML file.
Why does Windows do this by design? If an exe was authorized once, shouldn't that imply that it be authorized permanently?
But the main question I would like to ask is, how do I get around this? Imagine my users having to do this every single time the application needs to autorun?
Also, I would like to avoid the whole "your app shouldn't be running in elevated mode in the first place" argument/discussion, or the "no app needs elevated priviledges, you need to rewrite it" discussion. I can assure you that my app needs elevated priviledges (unfortunately). More details below if interested, not necessary to interpret or understand the question in this post, but included because I know some people will ask)...
Additional Unnecessary Reading:
...In fact, it requires it in 87% of all launches (depending on what users do), and for the 13% of times were it is not needed (that's, 13% of all launch instances, not 13% of users), I am developing a second exe where only that is launched first, and once an elevated feature is needed/requested, the elevated portion loads, saving 13% of all launches from hassling people with UAC nag, I will only have this ready by 2013. I'm going to all this work to split up functions that don't logically belong in different areas of the application - even with all this work, the problem I mentioned above does not get resolved (but rather, very slightly minimized or deferred).
I'm not sure why this was tagged with any programming language, and since it is really a ServerFault question it doesn't even belong here as far as I can tell.
The normal way to handle this is via Task Scheduler though, using the Run with Highest Privileges option. There are several published descriptions of the process involved, such as the old one at Make Vista launch UAC restricted programs at startup with Task Scheduler.
Why does Windows do this by design? If an exe was authorized once,
shouldn't that imply that it be authorized permanently?
That's a matter of opinion, but here's mine. If I needed Visual Studio to run elevated yesterday because I wanted it to regsvr32 a DLL, that doesn't prove that I want it to run elevated today on some different app.
But the main question I would like to ask is, how do I get around this?
I would use a service. The programming is non-trivial but that's how I would autorun an elevated process.
Either ask the user to turn off UAC or, as you already mentioned, redesign your application so that it elevates at the point elevation is needed, or run a service under system account and let it do the stuff which requires elevation.
Related
I am currently coding a WPF project. The project is a sort of Task Manager program. Inside of the project, there are methods that take real-time PC data (temp, frequency, etc). However, some of the methods in the project require administrator privileges, so that the program can have access to the different values/data from the PC.
The problem at hand is that the program asks for these permissions every time the program is run. While I know this is just a personal preference, I would like to make the program only ask for the said privileges at installation/first run, so that the user does not have to authorize their permission every time.
Just to be clear, this is not a question about how to get the administrator privileges in general. I know that there is the option to manipulate the app.manifest file. This question is only pertaining to keeping the set administrator privileges programmatically, or through other means such as visual studios.
(Also, the program uses NSIS as an installer, if this is at all helpful)
Thanks
EDIT:
Looking back at this question, it was a pretty stupid one. It was just due to my sloppy/lazy coding.
That is not possible because the purpose of UAC Prompt is to create awareness for the user so they know that they are allowing admin privileges to the software.
I Do not really advise you to skip the step of the prompts.
You can not do it directly but you can indirectly , if you can write a code to do the following steps here , you can achieve what you asked for.
Windows is a secure operating system. If the user is not an administrator: then you don't get to control that.
What would your application have done under Windows XP?
Would it have crashed?
Would you have refused to run?
Would you have told the user that they need to be an administator?
Is there no lesser mode you can use that can still give the user useful information? After all, Process Explorer is still able to run and give me all kinds of useful information about processes on the computer.
But if the user is a standard user, you have no way to change that at install time.
I have a WPF application which will be used on tablets with Windows 10.
In my development environment, the application runs very fast. However, if I run the application on tablet without admin rights, the application responds very slow : all animations are slow, the scrolling is not smooth, and touch problems are visible (cannot move the caret). If the application has admin rights all things are working fine.
I tried to disable the logs, I tried to decrease the FPS, nothing seems to help.
My application is connected to a sqlite database, but even without accessing the database is very slow. There are no other connections that may require admin rights.
What could be the problem?
EDIT: Also in my dev environment the app is running slower without admin rights. I was running the VS2015 with admin rights and for that reason the application worked fine.
WPF has settings under HKEY_CURRENT_USER that can disable hardware acceleration:
https://msdn.microsoft.com/en-us/library/aa970912(v=vs.110).aspx
If the Disable Hardware Acceleration Option or the Use Reference Rasterizer Option are set, a WPF application will run slowly for that user.
Try to trace your app with Process Monitor. Run 2 traces for app running with and without admin rights. Filter your app events only via Tools->Process Tree... -> right click on your process -> Add to Include filter and compare these trace logs (or just post them here). Pay attention on gaps between registry key readings or network access.
That literally could be anything.
Mark Russinovich make a presentation almost every year about finding some interesting cases. Here's one of them.
P.S. I'm sorry to post that as an answer, but I don't have enough points to add comments right now.
To offer an answer for people that might face the same issue, now, after I've searched a lot for something helpful, I can say that this problem it is mainly a problem related to rights.
If you encounter this issue, try to run Visual Studio without admin rights and try to isolate the region where the application begins to act very slow (or the place were it crashes) . In my case, wasn't the database, or the log files, but a file in AppData which was used by an external assembly. I've seen that, every time that dll was called, the application was freezing and using dotTrace, I've managed to find which file it is used. After setting the rights (r/w) on that file, everything was back to normal.
I want my C# program to run with administrator privileges.
I know I can do this by editing the manifest file.
But is there any possible way to ask the user's permission only once (at first launching of program), not every time?
No you cannot do that. When running under UAC, if an application needs to be elevated, the UAC dialog must be shown every time the process starts.
If you want to minimise the amount of times the user has to face the UAC dialog, the solution is for your application not to require elevation. If there are some tasks that your application performs that do require elevation, move them into a separate process, and request elevation only when the user attempts those tasks. All these issues are covered in some detail over on MSDN in the UAC guidelines.
But I want to know is there any possible way to ask user's permission only once(at first launching of program), not every time?
No, there is not. The entire purpose of UAC is to make sure the user is aware that they are providing elevated permissions every time they execute a program that requires it. There is no way to make your program "violate" that behavior.
Yes, but not directly. You can use the Task Scheduler to create Administration Mode Shortcuts without the UAC Prompts. See this link.
You could probably wire something up programmatically that would create this shortcut upon first run.
I have simple WinForms application where modifying Windows Registry. The problem is that in Vista / Windows 7 I need to force user to switch to administrator.
I do not want to force user to Run as Administrator form start of the application. I want him to do it when there is necessity to write to registry.
Best case scenario would be to reach exacly the same message which appear in lot's of Setups, when user need to 'switch' to Administrator so there is no necessity to Run as Administrator form beginning.
How I can achieve this in .Net ?
Partitioning is the way to go if the application sometimes doesn't do the Registry thing and sometimes does. The three keys to partitioning are (1) have a manifest on the second exe, as Ho says, (2) put a shield on the button/menu item so the user expects the elevation, and (3) launch it with ShellExecute (before calling Start, set the UseShellExecuteFlag to true) so that the manifest is used.
However, before going to the trouble of splitting your app, I would ask two questions. First, is it ever used for non administrative purposes or does every user always "click that button" and need to elevate? If so, then just put an admin manifest on the app and don't partition it. Second, are you sure to need to write to that part of the registry? Could you move your key to something under HKCU? If you can, then you don't need elevation any more and everyone's happier. I always like to consider those possibilites first since they mean less code and less testing than partioning does.
As Aaronaught says, I don't think it's possible for a process to to request to elevate itself. One way around this is that you split your process into two apps, one is the normal one that does most of the work and the other one only does the registry writes and this one has a manifest that contains something like
<requestedExecutionLevel level="requireAdministrator"/>
As far as I know, there's no API to elevate a process. It happens automatically when a process tries to launch another process in elevated mode.
This is also how it works with the Windows Installer. I'm not sure if it literally starts another elevated process or just creates an elevated COM object, but it's effectively the same thing.
I personally wouldn't resort to this hackish workaround to elevate your process mid-execution; if your process may require elevation, then make that explicit with a manifest and let the consent message pop up on startup. But if you absolutely must do this, then that's how - you need to launch an elevated process from within your app.
Is it possible for a process to lower itself from elevated UAC permission back to standard user? If not can the elevated process launch its copy with standard user token and then kill itself? Any code examples (C# preferred)?
Details:
Problem:
- user installs my product (written in C#)
- the installer elevates its UAC permission to admin
- at the end the installer launches my exe
- the exe inherits elevated permissions from admin
- the exe mounts network drives which become invisible in Windows Explorer (that runs with regular permissions)
Options I considered:
1) break installer into outer exe and inner exe, that runs with elevated permission. The install consists of 1000+ lines of NSIS code and I don't know anything about NSIS
2) mounting drives with lower permissions. If I do it Win Explorer can see the drives but my exe cannot
3) setting EnableLinkedConnection registry option to 1. This is a no-go because it requires PC reboot during the installation.
Please help!
Sergey
One way: http://www.codeproject.com/KB/vista-security/VistaElevator.aspx
Another way (mentioned in most recent comment in previous article): http://brandonlive.com/2008/04/27/getting-the-shell-to-run-an-application-for-you-part-2-how/
It is impossible to get this working in all configurations, there are ugly hacks like Kyle links to, but in the end, there is no real way to lower your rights. Since you mention NSIS, it so happens that it does have a plugin called UAC that does the inner/outer instance dance, it's not pretty but it does work.
If you're fine with a "hack" answer, another blog post about NSIS shows a much simpler approach. Just using explorer.exe to launch another process seems to work.*
The C# would just be
Process.Start("explorer.exe", YourProgram.ExecutablePath)
Beware that even if you WaitForExit() explorer, your program likely hasn't finished yet!
*Also beware one of the comments: "Unfortunately, the Windows Shell team has replied that the current behavior of "Explorer.exe AppName.exe" is a bug and may not work in future updates/versions of Windows. Applications should not rely upon it."