SpringCard LibCs.Windows for .NET  18.10.10
A set of utilities for the Windows platform
Public Member Functions | Static Public Member Functions | List of all members
SpringCard.LibCs.Windows.Uac Class Reference

Class used to manage program's uac Exemple of use: Uac uac = new Uac(); bool InAdminGroup = uac.IsUserInAdminGroup(); bool uac.IsRunAsAdmin(); bool uac.IsProcessElevated(); if(!fIsElevated) uac.SetShieldOnButton(btnElevate); More...

Public Member Functions

bool IsUserInAdminGroup ()
 The function checks whether the primary access token of the process belongs to user account that is a member of the local Administrators group, even if it currently is not elevated. More...
 
bool IsRunAsAdmin ()
 The function checks whether the current process is run as administrator. In other words, it dictates whether the primary access token of the process belongs to user account that is a member of the local Administrators group and it is elevated. More...
 
bool IsProcessElevated ()
 The function gets the elevation information of the current process. It dictates whether the process is elevated or not. Token elevation is only available on Windows Vista and newer operating systems, thus IsProcessElevated throws a C++ exception if it is called on systems prior to Windows Vista. It is not appropriate to use this function to determine whether a process is run as administartor. More...
 
void SetShieldOnButton (ButtonBase button)
 Set the Windows shield on a button to indicate that it is used to elevate privileges More...
 
bool RunAsAdmin (string[] args=null)
 

Static Public Member Functions

static bool RunElevated (string[] args=null, bool messageOnError=false, bool exitOnElevation=true)
 
static SecurityIdentifier GetCurrentSID ()
 
static string GetCurrentSIDString ()
 

Detailed Description

Class used to manage program's uac Exemple of use: Uac uac = new Uac(); bool InAdminGroup = uac.IsUserInAdminGroup(); bool uac.IsRunAsAdmin(); bool uac.IsProcessElevated(); if(!fIsElevated) uac.SetShieldOnButton(btnElevate);

int IL = uac.GetProcessIntegrityLevel();

try { switch (IL) { case NativeMethods.SECURITY_MANDATORY_UNTRUSTED_RID: this.lbIntegrityLevel.Text = "Untrusted"; break; case NativeMethods.SECURITY_MANDATORY_LOW_RID: this.lbIntegrityLevel.Text = "Low"; break; case NativeMethods.SECURITY_MANDATORY_MEDIUM_RID: this.lbIntegrityLevel.Text = "Medium"; break; case NativeMethods.SECURITY_MANDATORY_HIGH_RID: this.lbIntegrityLevel.Text = "High"; break; case NativeMethods.SECURITY_MANDATORY_SYSTEM_RID: this.lbIntegrityLevel.Text = "System"; break; default: this.lbIntegrityLevel.Text = "Unknown"; break; } }

On the button used to elevate privileges : if (!uac.IsRunAsAdmin()) { // Launch itself as administrator ProcessStartInfo proc = new ProcessStartInfo(); proc.UseShellExecute = true; proc.WorkingDirectory = Environment.CurrentDirectory; proc.FileName = Application.ExecutablePath; proc.Verb = "runas";

try { Process.Start(proc); } catch { // The user refused the elevation. // Do nothing and return directly ... return; } Application.Exit(); // Quit itself }

Member Function Documentation

◆ IsProcessElevated()

bool SpringCard.LibCs.Windows.Uac.IsProcessElevated ( )

The function gets the elevation information of the current process. It dictates whether the process is elevated or not. Token elevation is only available on Windows Vista and newer operating systems, thus IsProcessElevated throws a C++ exception if it is called on systems prior to Windows Vista. It is not appropriate to use this function to determine whether a process is run as administartor.

Returns
Returns true if the process is elevated. Returns false if it is not.
Exceptions
System.ComponentModel.Win32ExceptionWhen any native Windows API call fails, the function throws a Win32Exception with the last error code.

TOKEN_INFORMATION_CLASS provides TokenElevationType to check the elevation type (TokenElevationTypeDefault / TokenElevationTypeLimited / TokenElevationTypeFull) of the process. It is different from TokenElevation in that, when UAC is turned off, elevation type always returns TokenElevationTypeDefault even though the process is elevated (Integrity Level == High). In other words, it is not safe to say if the process is elevated based on elevation type. Instead, we should use TokenElevation.

◆ IsRunAsAdmin()

bool SpringCard.LibCs.Windows.Uac.IsRunAsAdmin ( )

The function checks whether the current process is run as administrator. In other words, it dictates whether the primary access token of the process belongs to user account that is a member of the local Administrators group and it is elevated.

Returns
Returns true if the primary access token of the process belongs to user account that is a member of the local Administrators group and it is elevated. Returns false if the token does not.

◆ IsUserInAdminGroup()

bool SpringCard.LibCs.Windows.Uac.IsUserInAdminGroup ( )

The function checks whether the primary access token of the process belongs to user account that is a member of the local Administrators group, even if it currently is not elevated.

Returns
Returns true if the primary access token of the process belongs to user account that is a member of the local Administrators group. Returns false if the token does not.
Exceptions
System.ComponentModel.Win32ExceptionWhen any native Windows API call fails, the function throws a Win32Exception with the last error code.

◆ SetShieldOnButton()

void SpringCard.LibCs.Windows.Uac.SetShieldOnButton ( ButtonBase  button)

Set the Windows shield on a button to indicate that it is used to elevate privileges

Parameters
button
The documentation for this class was generated from the following file: