Class used to manage program's uac Exemple of use: Uac uac = new Uac(); bool InAdminGroup = uac.IsUserInAdminGroup(); bool uac.IsRunAsAdmin(); bool uac.IsProcessElevated(); if(!fIsElevated) uac.SetShieldOnButton(btnElevate); More...
Public Member Functions | |
bool | IsUserInAdminGroup () |
The function checks whether the primary access token of the process belongs to user account that is a member of the local Administrators group, even if it currently is not elevated. More... | |
bool | IsRunAsAdmin () |
The function checks whether the current process is run as administrator. In other words, it dictates whether the primary access token of the process belongs to user account that is a member of the local Administrators group and it is elevated. More... | |
bool | IsProcessElevated () |
The function gets the elevation information of the current process. It dictates whether the process is elevated or not. Token elevation is only available on Windows Vista and newer operating systems, thus IsProcessElevated throws a C++ exception if it is called on systems prior to Windows Vista. It is not appropriate to use this function to determine whether a process is run as administartor. More... | |
void | SetShieldOnButton (ButtonBase button) |
Set the Windows shield on a button to indicate that it is used to elevate privileges More... | |
bool | RunAsAdmin (string[] args=null) |
Class used to manage program's uac Exemple of use: Uac uac = new Uac(); bool InAdminGroup = uac.IsUserInAdminGroup(); bool uac.IsRunAsAdmin(); bool uac.IsProcessElevated(); if(!fIsElevated) uac.SetShieldOnButton(btnElevate);
int IL = uac.GetProcessIntegrityLevel();
try { switch (IL) { case NativeMethods.SECURITY_MANDATORY_UNTRUSTED_RID: this.lbIntegrityLevel.Text = "Untrusted"; break; case NativeMethods.SECURITY_MANDATORY_LOW_RID: this.lbIntegrityLevel.Text = "Low"; break; case NativeMethods.SECURITY_MANDATORY_MEDIUM_RID: this.lbIntegrityLevel.Text = "Medium"; break; case NativeMethods.SECURITY_MANDATORY_HIGH_RID: this.lbIntegrityLevel.Text = "High"; break; case NativeMethods.SECURITY_MANDATORY_SYSTEM_RID: this.lbIntegrityLevel.Text = "System"; break; default: this.lbIntegrityLevel.Text = "Unknown"; break; } }
On the button used to elevate privileges : if (!uac.IsRunAsAdmin()) { // Launch itself as administrator ProcessStartInfo proc = new ProcessStartInfo(); proc.UseShellExecute = true; proc.WorkingDirectory = Environment.CurrentDirectory; proc.FileName = Application.ExecutablePath; proc.Verb = "runas";
try { Process.Start(proc); } catch { // The user refused the elevation. // Do nothing and return directly ... return; } Application.Exit(); // Quit itself }
bool SpringCard.LibCs.Windows.Uac.IsProcessElevated | ( | ) |
The function gets the elevation information of the current process. It dictates whether the process is elevated or not. Token elevation is only available on Windows Vista and newer operating systems, thus IsProcessElevated throws a C++ exception if it is called on systems prior to Windows Vista. It is not appropriate to use this function to determine whether a process is run as administartor.
System.ComponentModel.Win32Exception | When any native Windows API call fails, the function throws a Win32Exception with the last error code. |
TOKEN_INFORMATION_CLASS provides TokenElevationType to check the elevation type (TokenElevationTypeDefault / TokenElevationTypeLimited / TokenElevationTypeFull) of the process. It is different from TokenElevation in that, when UAC is turned off, elevation type always returns TokenElevationTypeDefault even though the process is elevated (Integrity Level == High). In other words, it is not safe to say if the process is elevated based on elevation type. Instead, we should use TokenElevation.
bool SpringCard.LibCs.Windows.Uac.IsRunAsAdmin | ( | ) |
The function checks whether the current process is run as administrator. In other words, it dictates whether the primary access token of the process belongs to user account that is a member of the local Administrators group and it is elevated.
bool SpringCard.LibCs.Windows.Uac.IsUserInAdminGroup | ( | ) |
The function checks whether the primary access token of the process belongs to user account that is a member of the local Administrators group, even if it currently is not elevated.
System.ComponentModel.Win32Exception | When any native Windows API call fails, the function throws a Win32Exception with the last error code. |
void SpringCard.LibCs.Windows.Uac.SetShieldOnButton | ( | ButtonBase | button | ) |
Set the Windows shield on a button to indicate that it is used to elevate privileges
button |