  1. #1
    Join Date
    Jun 1999
    Location
    Hong Kong
    Posts
    181

    UAC elevation of process

    I want to write a simple dialog. When I press the button, it will first elevate and then perform some security sensitive tasks.

    The way I have seen to elevate is to call ShellExecuteEx. However, I need to fill SHELLEXECUTEINFO::lpFile, so that it starts another application instead of elevating the process I am running. If it has to start a new process, that means I have to create another executable which is specific for performing those security sensitive tasks. I don't want to manage one more executable.

    I am not familiar with UAC mechanism. Is it possible to elevate current process?
    In Chinese Proverb, "Teaching the poor fishing is better than giving fish to them".

  2. #2
    Join Date
    Oct 2002
    Location
    Timisoara, Romania
    Posts
    14,360

    Re: UAC elevation of process

    Of course it is. You can do this either with a manifest or directly from the Project Properties (in VS 2008). Read this article to learn how: http://www.codeguru.com/columns/kate/article.php/c13695.
    Marius Bancila
    Home Page
    My CodeGuru articles

    I do not offer technical support via PM or e-mail. Please use vbBulletin codes.

  3. #3
    Join Date
    Feb 2009
    Location
    Portland, OR
    Posts
    1,488

    Re: UAC elevation of process

    Yeah, I have the same issue. The link that cilu gave above shows how to do it so that the application is started with elevated privileges, but how do you elevate them at run-time?

    I have a second question though. In the article above it says, "the sterner orange prompt is reserved for applications that are not digitally signed, as opposed to the blue prompt in Figure 1". So, how do you digitally sign your application?

  4. #4
    Join Date
    Apr 2000
    Location
    Belgium (Europe)
    Posts
    4,626

    Re: UAC elevation of process

    You cannot elevate a running process.

    Process elevation happens at the moment a process is started, and you can neither raise it nor lower it afterwards.

  5. #5
    Join Date
    Feb 2009
    Location
    Portland, OR
    Posts
    1,488

    Re: UAC elevation of process

    OK, but about the second question (about digital signature)?

  6. #6
    Join Date
    Oct 2002
    Location
    Timisoara, Romania
    Posts
    14,360

    Re: UAC elevation of process

    Take a look at this article http://www.pantaray.com/signcode.html, but if you have further questions please create a new thread.
    Marius Bancila

  7. #7
    Join Date
    Feb 2010
    Posts
    2

    Re: UAC elevation of process

    Originally posted by OReubens:
        You cannot elevate a running process.

        Process elevation happens at the moment a process is started, and you can neither raise it nor lower it afterwards.

    Can somebody confirm this? It sounds quite unlikely to me that it should not be possible, as I can easily impersonate an (other) admin account during process execution, so I suppose it should also be possible to "impersonate" myself elevated (replace ProcessLevelToken or something)?

  8. #8
    Join Date
    Apr 2000
    Location
    Belgium (Europe)
    Posts
    4,626

    Re: UAC elevation of process

    The whole point of elevation is that, by any and all means of getting an elevated process, you must go via the UAC elevation dialog. If there were a way to work around the UAC dialog, then any virus or malicious program would be able to do so, and this would pretty much nullify the whole point of UAC in the first place.

    If you need to do security sensitive stuff, then there are a number of ways to achieve that.
    1) Start a separate security exe with elevation that has the dialogs for this.
    2) Have your exe start itself again with elevation and add a parameter on the commandline to indicate this. You can then either just show the elevated dialog, or leave the entire exe elevated and let the other exe die.
    3) Stuff the dialog in a COM object and launch this COM object as elevated.
    4) Install a service. Your exe can then communicate with this service to have the service make the actual changes. This is considered UAC-safe since installing the service would have needed elevation. If you are going this route, you should somehow secure communications with your service. If your program ends up being very popular, it may end up being a backdoor for malicious software.

    If you impersonate an admin login, you will get a standard token, not an administrative/elevated token.
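
Option 2 from the post above (the exe starts itself again through the UAC prompt and passes a command-line parameter), as an added example that is not code from the thread. The switch name `--elevated-task` and the function names are hypothetical; the Win32 calls are guarded by `_WIN32`, so only the switch parsing is active on other platforms.

```cpp
#include <cstring>
#ifdef _WIN32
#include <windows.h>
#include <shellapi.h>
#endif
static const char kElevatedSwitch[] = "--elevated-task";  // hypothetical name

// True when the switch is present; it selects the UI, it does not prove elevation.
bool started_for_elevated_task(int argc, const char* const* argv) {
    for (int i = 1; i < argc; ++i)
        if (std::strcmp(argv[i], kElevatedSwitch) == 0) return true;
    return false;
}

#ifdef _WIN32
// True when the current process token is elevated.
bool is_elevated() {
    HANDLE tok = nullptr;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tok)) return false;
    TOKEN_ELEVATION te = {};
    DWORD len = 0;
    BOOL ok = GetTokenInformation(tok, TokenElevation, &te, sizeof(te), &len);
    CloseHandle(tok);
    return ok && te.TokenIsElevated != 0;
}

// Start a second copy via the UAC prompt; false if declined (ERROR_CANCELLED) or failed.
bool relaunch_elevated() {
    wchar_t self[MAX_PATH];
    DWORD n = GetModuleFileNameW(nullptr, self, MAX_PATH);
    if (n == 0 || n == MAX_PATH) return false;  // failed or truncated path
    SHELLEXECUTEINFOW sei = {};
    sei.cbSize = sizeof(sei);
    sei.lpVerb = L"runas";                  // verb that requests elevation
    sei.lpFile = self;
    sei.lpParameters = L"--elevated-task";  // same text as kElevatedSwitch
    sei.nShow = SW_SHOWNORMAL;
    return ShellExecuteExW(&sei) != FALSE;
}
#endif

int main(int argc, char** argv) {
    bool task = started_for_elevated_task(argc, argv);
#ifdef _WIN32
    if (!task) return relaunch_elevated() ? 0 : 1;  // unelevated copy exits
    if (!is_elevated()) return 1;           // switch given without elevation
#endif
    return task ? 0 : 1;  // elevated copy: show the sensitive dialog here
}
```

Because anyone can type the switch on a command line, the elevated branch checks the process token itself rather than trusting the parameter.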
