2

I have a problem with this situation: I made 2 programs:

The first one just print an output saying that was launched with admin provileges or not, and the second one, execute the first program with admin privileges and without use the UAC. The trouble is that the second program can't launch the first with admin privileges i don't know why. This is my code:

Code of the first program:

// This only prints if you start as administrator or not.
bool isElevated;
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
isElevated = principal.IsInRole(WindowsBuiltInRole.Administrator);
Console.WriteLine("I got admin privileges?: "+isElevated);

Code of the second program:

// This execute the first program with admin privileges without UAC
string username = "myuser";
SecureString userpass = new SecureString();
userpass.AppendChar('m');
userpass.AppendChar('y');
userpass.AppendChar('p');
userpass.AppendChar('a');
userpass.AppendChar('s');
userpass.AppendChar('s');

Process program = new Process();
program.StartInfo.UserName = username;
program.StartInfo.Password = userpass;
program.StartInfo.FileName = "Path/First_program.exe";
program.StartInfo.UseShellExecute = false;
program.Start();

PD: I don't want the user to open the UAC, thats why i already insert the username and the password. Thanks in advance.

Improve this question
6
  • To my knowledge, you can't circumvent the UAC that way. If the running program doesn't have admin privs then the called program needs to request admin privileges which will trigger the UAC. Commented Mar 14, 2017 at 21:01
  • Have you tried making the password SecureString read-only? Commented Mar 14, 2017 at 21:06
  • @BenVoigt , "SecureString" is working fine, because when i write a wrong password it throws me an exception. Commented Mar 14, 2017 at 21:14
  • 2
    The problem is that Process.Start() uses CreateProcessWithLogonW which filters the user token. I'm not aware of any good workaround, perhaps using a scheduled task? Failing that, your best bet is probably to install a system service to launch the child on your behalf. (With due care for the security considerations, of course.) Better still, rearchitecture so that you no longer need to do this. You shouldn't have admin credentials sitting inside an executable anyway. Commented Mar 14, 2017 at 21:28
  • @HarryJohnston: That answer of yours you linked to appears to have a solution (the LOGON32_LOGON_BATCH flag), does it not? Commented Mar 14, 2017 at 23:03

1 Answer 1

Reset to default
4

You have half of the answer. The other half is that the program must request to be executed with elevated privileges. By default, Windows programs run in a "Basic" trust level, regardless of the true level of permissions possible under the user. To gain access to administrative powers, the program must request elevation, which by definition will involve UAC.

Programs like yours can request elevation using the runas verb in the ProcessStartInfo, or by specifying requireAdministrator elevated permissions in the manifest of either application (assuming you control them). Either way, if UAC is enabled, the user will get a prompt.

The only way to circumvent this is to set up the program that would otherwise require elevated permissions as a Windows service, configured in services.msc to run with administrative permissions. You'll get one UAC prompt when installing/registering the service to run in this way, and from then on the service can perform that task without any further UAC action. You can then use various communication technologies, from named pipes to true network comms like TCP, to signal the service that it should do what you want.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

A somewhat simpler alternative to a service is a scheduled task, with permissions set to allow an unprivileged user to trigger it. Then you can run any command, it doesn't have to have all the service management stuff in its main loop.
Is there no way to somehow sign the executable to say that it is trusted?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.