.NET - Lower Application Privileges - c#

I would like to know how to programmatically lower my application's privileges. So, let's say someone with admin privileges runs my program, I would like my program to still run under a normal user's environment or with less privileges that I don't need. Also, could you explain what is restricted in the lower trust environment?
Edit: Curtisk suggested the permview.exe tool to view an application's permissions, which lead me in the right direction to the newer permcalc.exe tool - http://msdn.microsoft.com/en-us/library/ms165077(VS.80).aspx. Thanks again.

The RequestMinimum Flag may be close to what you need, although it is zone/PermissionSet based, more details in the linked MSDN How-to.
The idea is it will run the application with the least set of privileges to function, regardless of who calls it...
Follow up on question in comments below: check out the Permissions View Tool

Related

How to make a program Run as Administrator Automatically

I am currently coding a WPF project. The project is a sort of Task Manager program. Inside of the project, there are methods that take real-time PC data (temp, frequency, etc). However, some of the methods in the project require administrator privileges, so that the program can have access to the different values/data from the PC.
The problem at hand is that the program asks for these permissions every time the program is run. While I know this is just a personal preference, I would like to make the program only ask for the said privileges at installation/first run, so that the user does not have to authorize their permission every time.
Just to be clear, this is not a question about how to get the administrator privileges in general. I know that there is the option to manipulate the app.manifest file. This question is only pertaining to keeping the set administrator privileges programmatically, or through other means such as visual studios.
(Also, the program uses NSIS as an installer, if this is at all helpful)
Thanks
EDIT:
Looking back at this question, it was a pretty stupid one. It was just due to my sloppy/lazy coding.
That is not possible because the purpose of UAC Prompt is to create awareness for the user so they know that they are allowing admin privileges to the software.
I Do not really advise you to skip the step of the prompts.
You can not do it directly but you can indirectly , if you can write a code to do the following steps here , you can achieve what you asked for.
Windows is a secure operating system. If the user is not an administrator: then you don't get to control that.
What would your application have done under Windows XP?
Would it have crashed?
Would you have refused to run?
Would you have told the user that they need to be an administator?
Is there no lesser mode you can use that can still give the user useful information? After all, Process Explorer is still able to run and give me all kinds of useful information about processes on the computer.
But if the user is a standard user, you have no way to change that at install time.

Keeping Elevated Priviledges after EXE Installs and is Auto-Started during Reboot?

Basically, I have an exe app that is installed with priviledges (as in, the user presses the "Allow" button in Vista/Win7 UAC check), then the application starts and sets itself to auto-run so that the application will automatically restart again once the computer is rebooted (all done while elevated). The autostarting is requested by user, and is not enforced upon them.
This reboot instruction is set in the registry, in the CURRENT_USER section as below:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
The problem is, when the computer reboots, Windows will not let it execute unless the user re-authorizes it as an elevated process again (namely, a taskbar icon pops up in the tasktray saying the starting of my EXE/process was prevented, and the user is given the ability to launch the blocked app using menus on the icon in the tasktray).
I would like to add that I have the manifest file integrated into the EXE, so there is no problem on that end, and it registers its intentions accurately in the XML file.
Why does Windows do this by design? If an exe was authorized once, shouldn't that imply that it be authorized permanently?
But the main question I would like to ask is, how do I get around this? Imagine my users having to do this every single time the application needs to autorun?
Also, I would like to avoid the whole "your app shouldn't be running in elevated mode in the first place" argument/discussion, or the "no app needs elevated priviledges, you need to rewrite it" discussion. I can assure you that my app needs elevated priviledges (unfortunately). More details below if interested, not necessary to interpret or understand the question in this post, but included because I know some people will ask)...
Additional Unnecessary Reading:
...In fact, it requires it in 87% of all launches (depending on what users do), and for the 13% of times were it is not needed (that's, 13% of all launch instances, not 13% of users), I am developing a second exe where only that is launched first, and once an elevated feature is needed/requested, the elevated portion loads, saving 13% of all launches from hassling people with UAC nag, I will only have this ready by 2013. I'm going to all this work to split up functions that don't logically belong in different areas of the application - even with all this work, the problem I mentioned above does not get resolved (but rather, very slightly minimized or deferred).
I'm not sure why this was tagged with any programming language, and since it is really a ServerFault question it doesn't even belong here as far as I can tell.
The normal way to handle this is via Task Scheduler though, using the Run with Highest Privileges option. There are several published descriptions of the process involved, such as the old one at Make Vista launch UAC restricted programs at startup with Task Scheduler.
Why does Windows do this by design? If an exe was authorized once,
shouldn't that imply that it be authorized permanently?
That's a matter of opinion, but here's mine. If I needed Visual Studio to run elevated yesterday because I wanted it to regsvr32 a DLL, that doesn't prove that I want it to run elevated today on some different app.
But the main question I would like to ask is, how do I get around this?
I would use a service. The programming is non-trivial but that's how I would autorun an elevated process.
Either ask the user to turn off UAC or, as you already mentioned, redesign your application so that it elevates at the point elevation is needed, or run a service under system account and let it do the stuff which requires elevation.

Is there a way to set the compatibility mode in Win7 programmatically in C#

I am working on a program. In testing it on Win7(32-bit, don't know if it will be the same in 64-bit) I found a problem.
Now my problem is that some of the functionality does not work(like the right click doesn't show options or the program takes long to react). If however I set up a the compatibility mode it works fine. I mainly see this problem in Microstation, but it does appear in other places as well.
My question is as follows, is there a way to set these settings(like the check boxes) programmatically from C# ?
This might be necessary in cases where we do not do the installation of the program, to insure that it works on every pc it is installed on. Let us assume that during the installation the program has admin rights. (would it be needed to do this??)
this has nothing to do with Internet Explorer. i wanted to add a picture, but i dont have enough rep yet
There is no way to change this while the application is running, you have two choices to handle this issue:
Modify the installer to create shortcuts that have the compatibility mode flag set to whatever you need
You can manually manipulate the registry to force an executable to use compatibility mode, your application will require admin rights todo so + will need to restart afterwards
Here it's explained how todo it manually, you simply have to do it programatically:
http://kb.winzip.com/kb/entry/139/
In general I discourage you from doing either, fix your bugs instead.

How to force user to user Administrator account in WinForms

I have simple WinForms application where modifying Windows Registry. The problem is that in Vista / Windows 7 I need to force user to switch to administrator.
I do not want to force user to Run as Administrator form start of the application. I want him to do it when there is necessity to write to registry.
Best case scenario would be to reach exacly the same message which appear in lot's of Setups, when user need to 'switch' to Administrator so there is no necessity to Run as Administrator form beginning.
How I can achieve this in .Net ?
Partitioning is the way to go if the application sometimes doesn't do the Registry thing and sometimes does. The three keys to partitioning are (1) have a manifest on the second exe, as Ho says, (2) put a shield on the button/menu item so the user expects the elevation, and (3) launch it with ShellExecute (before calling Start, set the UseShellExecuteFlag to true) so that the manifest is used.
However, before going to the trouble of splitting your app, I would ask two questions. First, is it ever used for non administrative purposes or does every user always "click that button" and need to elevate? If so, then just put an admin manifest on the app and don't partition it. Second, are you sure to need to write to that part of the registry? Could you move your key to something under HKCU? If you can, then you don't need elevation any more and everyone's happier. I always like to consider those possibilites first since they mean less code and less testing than partioning does.
As Aaronaught says, I don't think it's possible for a process to to request to elevate itself. One way around this is that you split your process into two apps, one is the normal one that does most of the work and the other one only does the registry writes and this one has a manifest that contains something like
<requestedExecutionLevel level="requireAdministrator"/>
As far as I know, there's no API to elevate a process. It happens automatically when a process tries to launch another process in elevated mode.
This is also how it works with the Windows Installer. I'm not sure if it literally starts another elevated process or just creates an elevated COM object, but it's effectively the same thing.
I personally wouldn't resort to this hackish workaround to elevate your process mid-execution; if your process may require elevation, then make that explicit with a manifest and let the consent message pop up on startup. But if you absolutely must do this, then that's how - you need to launch an elevated process from within your app.

Vista/7 UAC: how to lower process privileges

Is it possible for a process to lower itself from elevated UAC permission back to standard user? If not can the elevated process launch its copy with standard user token and then kill itself? Any code examples (C# preferred)?
Details:
Problem:
- user installs my product (written in C#)
- the installer elevates its UAC permission to admin
- at the end the installer launches my exe
- the exe inherits elevated permissions from admin
- the exe mounts network drives which become invisible in Windows Explorer (that runs with regular permissions)
Options I considered:
1) break installer into outer exe and inner exe, that runs with elevated permission. The install consists of 1000+ lines of NSIS code and I don't know anything about NSIS
2) mounting drives with lower permissions. If I do it Win Explorer can see the drives but my exe cannot
3) setting EnableLinkedConnection registry option to 1. This is a no-go because it requires PC reboot during the installation.
Please help!
Sergey
One way: http://www.codeproject.com/KB/vista-security/VistaElevator.aspx
Another way (mentioned in most recent comment in previous article): http://brandonlive.com/2008/04/27/getting-the-shell-to-run-an-application-for-you-part-2-how/
It is impossible to get this working in all configurations, there are ugly hacks like Kyle links to, but in the end, there is no real way to lower your rights. Since you mention NSIS, it so happens that it does have a plugin called UAC that does the inner/outer instance dance, it's not pretty but it does work.
If you're fine with a "hack" answer, another blog post about NSIS shows a much simpler approach. Just using explorer.exe to launch another process seems to work.*
The C# would just be
Process.Start("explorer.exe", YourProgram.ExecutablePath)
Beware that even if you WaitForExit() explorer, your program likely hasn't finished yet!
*Also beware one of the comments: "Unfortunately, the Windows Shell team has replied that the current behavior of "Explorer.exe AppName.exe" is a bug and may not work in future updates/versions of Windows. Applications should not rely upon it."

Categories

Resources