I am writing an application that will consist of a GUI part running with user privileges and a server part that runs with local system privileges as a service. From time to time the GUI part needs to perform some operations that need high privileges (administrator/local system). The GUI app could request the service to perform this operation and the service could perform this operation (of course after authentication and authorization).

However, it would be more convenient if the service could run a command with local system privileges that would run in the context of the user's desktop (so that the user can interact with the command's GUI). Is it possible?

Solutions in .NET are preferable, but C/C++ are also fine.

Tomasz Grobelny

1 Answer

There are four ways you can run elevated code from your non-elevated GUI process:

  1. move the elevated logic into a separate .exe file that has its own manifest to require elevation. The GUI app can then use CreateProcess() to run it when needed.

  2. have the GUI app use ShellExecute/Ex() with the "runas" verb, or the third-party CreateProcessElevated(), to start a new elevated process. You can either use a different .exe file, or the same .exe file with different command-line parameters, it does not matter.

  3. move the elevated logic into its own COM object, and then the GUI app can use the COM Elevation Moniker to instantiate that object when needed.

  4. have the GUI app communicate with the service, which can then use CreateProcessAsUser() to run a new process within the user's session (either a separate .exe, or the same .exe with different command-line parameters, it doesn't matter). Retrieve the user's token using WTSQueryUserToken(), and specify the user's desktop in the STARTUPINFO structure.

Remy Lebeau
  • The fourth option looks like what I want to achieve (although 1 or 2 may work for now). But I do not yet fully get how the token should be constructed. Wouldn't retrieving it with WTSQueryUserToken() mean that it is run with user privileges and not system privileges (which is what I need)? – Tomasz Grobelny Sep 04 '13 at 20:48
  • I found this to be useful as well: http://stackoverflow.com/questions/3128017/possible-to-launch-a-process-in-a-users-session-from-a-service. – Tomasz Grobelny Sep 05 '13 at 18:36