I need to change the behavior of my application depending on user privileges:
When my application can run as Administrator
When my application has limited privileges
Since "requireAdministrator" is embedded within the manifest, the same .exe can't work on (1) and (2) at the same time.
What's the best way to deal with this issue? I am planning to pack two executables (one with "requireAdministrator") and decide which one to run.
Someone have other suggestions?
You can use a manifest that asks for highestAvailable instead of requireAdministrator or asInvoker. This will elevate if a person who can just consent to elevating is running it, but won't if it's someone who would need the OTS prompt and entering an admin id and password. I don't care for it myself, since you can't write your code in confidence knowing whether you have the privileges or not. But this is how to achieve what you're asking for.
Related
I'm trying to use SetSystemTime (from Kernel32.dll) or alternatively to use TIME from cmd.exe.
Both fail, TIME gives me the error
A required privilege is not held by the client.
I've already used gpedit.msc to add local/Users and also the user itself to security settings/Local Policies/Change the system time.
I tried to enable the privileg with AdjustTokenPrivileges( SeSystemtimePrivilege ...), but I got a GrandPrivilege failed error .
I'm using Win7 x32 Professional.
It's a standard user with admin privileges, but I'm trying to make the time changes without "Run as Administrator", as the program that calls the SetSystemTime function shouldn't be started with "Run as Administrator".
I supposed that the purpose of the Change the system time policy is exactly for this case and it's also described at MSDN
I'm at a loss what to do.
It turns out that although SeSystemTimePrivilege doesn't trigger UAC for a non-administrator, it is still removed from the restricted token that is generated when an administrator logs in. The upshot is that you can use group policy to assign SeSystemTimePrivilege to non-administrative users, but the policy has no effect for an administrative user.
If it is acceptable for the program to require elevation when run by an administrative user, you could use the highestAvailable manifest setting. That way, the program will only ask for elevation if the user is an administrator. Alternatively, you could design the program to ask for elevation only when it actually needs to set the time.
If an elevation prompt is not acceptable, you will have to install a system service to change the system time on your application's behalf.
There is something my application is doing that is causing Windows to ask for an administrator password when starting my application in a non-administrator account.
At first I thought it was because I was writing some data in the run time folder in Program Files. I took care of that but still have the problem.
Do you have any idea how I can track down the problem ?
Harry Johnston's comment is correct.
If you don't have a manifest that specifies the level, then Windows assumes this is an "old" program written before manifests were common. In that case, it'll use heuristics to guess whether the program might require administrator privileges. In particular, if the name of the executable has "install" or "setup" in it, Windows might assume that it's an installer and that it will require administrator privileges.
If you provide a manifest that specifies a level (like asInvoker), then Windows won't guess, regardless of the name of your program.
I have created a win32 application in Visual Studio 2010. the application is sort of installer, it copies an exe to system32 folder.
The exe which is copied by installer is executed every time the windows is restarted. i have created an entry for it in the registry, now the problem i am having is i want to run that exe as administrator every time it is executed.
I can change the properties of the exe to run as administrator, but it works only for the specific system, i have mentioned my application is an installer, so it is quite hectic to change the privileges at every system.
Kindly guide me how can i solve this problem
First of all, please note that privileges and rights are specified for users rather than executables.
In order to have an executable run elevated, you typically need to add an application manifest to your executable that specifies the requireAdministrator execution level. Such an application will fail to run if the user is not an administrator, or cannot find an administrator to perform over-the-shoulder elevation.
Now, this probably won't help you much. If you want elevation to happen at logon (assuming your registry setting is HKLM\Software\Microsoft\Windows\CurrentVersion\Run) then this will lead to the user being presented with a UAC elevation dialog every time the program starts. I cannot imagine that behaviour is desirable.
Perhaps the cleanest way to avoid all of this would be to convert your application to run as a service. Services run in session 0 and are not subject to UAC. Simply run the service under a user account that has sufficient rights.
One final point, that I cannot stress enough. You should not be copying files to system32. That is the system folder and it belongs to the system.
Firstly I want to emphasize that I'm not trying to do anything "nasty" or "hackerish", nor am I trying to hide anything from user here.
During installations (using InstallShield LE) of my application user is prompted by Windows UAC to allow it to run in Administrator mode; If user accepts it - installation continues (standard behavior) and user again can check the option to add this program to autorun list (by adding a registry key to HKLM/../Run). All is fine and normal. But after every Windows restart, when this application starts, UAC kicks in and asks for user permission. Question is, how to avoid it, since it's a bit annoying (yet my app needs Administrator privileges to run)?
I mean user already granted such permissions on installation, so I cannot see a reason why it needs to be prompted on every startup? Moreover, I believe most antivirus software and such, also require elevated permissions to operate, but UAC doesn't prompt for it at Windows Startup.
Thank you for any advises, information, comments or solutions.
Does your application really need to start elevated? Or will it need to elevated access later when the user uses it to perform an action? If you can, drop the later admin task into a separate exe, allowing the main exe to start with no elevation - when you shellexecute the worker process later it will UAC on demand.
At install time, as you have noted, you have elevated the installer. If you want to run elevated code on subsequent runs, automatically, this is the point to install a service - which is what all those other apps you mentioned do.
You can't get around UAC for a process started in an interactive session. You could use a service running as a privileged user but you would be far better off finding a way to do whatever you do without requiring admin rights.
It's not possible for a program to run elevated without prompting. What you want to do is factor those portions of your application that need elevation into a windows service that runs as system. Then your autostarting application can make remoting calls to the service to delgate those activities that the user can't do without elevating.
Not done it but I found this article Selectively disable UAC for your trusted Vista applications that says use 'Application Compatibility Toolkit' from microsoft.
The Compatibility Administrator allows you to create a database of
compatibility fixes that will allow you to run certain applications
without an accompanying UAC.
Run the Compatibility Administrator as admin
select a new database template
Click the Fix button on the toolbar. When you see the Create New Application Fix wizard ... enter details about your app
Select a Compatibility Level
Select RunAsInvoker as the fix
It seems that the last one
Selecting the RunAsInvoker option will allow the application to launch
without requiring the UAC prompt.
Should do what you want provided that the invoker is admin and I think you can do this at start up using the scheduler : Create Administrator Mode Shortcuts Without UAC Prompts in Windows 7 or Vista
As you can see it runs your app in the compatibility mode which may or may not be acceptable for you.
I have an app that normal users need to be able to run, but requires administrator privileges to actually function.
I tried to make the shortcut that my users run it with "Run as administrator" but this just causes a UAC prompt whenever they try to run the app.
Is there any way to elevate privileges programatically, without my users needing to go through a UAC prompt and/or knowing an administrator password? From a security standpoint, I understand that most applications shouldn't be allowed to do this, so I'm hoping there is some way to do it if I can provide a valid username/password pair, or something.
The app is written in C#, so a fully managed solution would be preferred, but p/Invoke Black Magic (or even writing an MC++ Wrapper Which We Do Not Speak About) would be more acceptable than disabling UAC entirely.
Generally this problem solved by installing a Windows Service which runs as SYSTEM or an admin account. Then your application can request the privileged action from this service.
Obviously to not pose a security threat ensure that your service can't run arbitrary code or something which might leave the all users vulnerable to privilege escalation attacks.
Winpcap and most of the other sniffing applications use a similar design to give sniffing access to unprivileged users.
Actually, why don't you just create a Task Schedule which runs the app with elevated privileges? As long as you setup the Task under elevation, it will not prompts you for a UAC when it is auto-run during reboot or whatever your trigger is.
Just make sure you set level=requireElevation in your manifest file, and task scheduler will run your app with admin rights without prompting your user for admin rights, as this had already been established when you setup the task with admin privileges.
It's not possible. You cannot decide to suppress UAC prompt.
You have to ask yourself:
What would happen on Windows XP?
The user is a standard user on Windows XP, and the application "needs" to run as an administrator. Are you:
going to refuse to run?
going to crash on startup?
going to show the user access denied error messages?
If the user is simply not allowed to run the application as a standard user on Windows XP, then UAC is your friend: it tells the user that they have to be an administrator.
And it even offers to let them (temporarily) gain administrative privileges.
But you have to ask yourself:
What would happen on Windows Vista?
In order to elevate, the user will need someone from IT to walk from three buildings over, so they can type in their credentials "over the shoulder". Perhaps you can make the user's life easier. Let 99.9% of the application run, and split off that 0.01% to an "administrative" module.