0

I have a program that works with the file system a lot and need certain methods to run as administrator. I can't have the application it's self run as admin as I need to use drag and drop on the form. I imagine that one method can't be executed with admin rights. I don't really want to make a anther executable for one method. If I do make another executable what's the best way to pass multiple arguments through the application and redirect the output? I hope I worded this correctly and made my self clear.

Kieran Crown
  • 307
  • 5
  • 16
  • How does running as administrator affect dragging and dropping on the form? – Corey Ogburn Feb 17 '14 at 15:03
  • 1
    Starting from Windows Vista because of User Interface Privilege Isolation you cannot drag and drop from an application running at lower integrity level to an application which runs on a higher level. See this article for more details: Why Doesn’t Drag-and-Drop work when my Application is Running Elevated? – Kieran Crown Feb 17 '14 at 15:06
  • As far as I know, you can't elevate certain methods or regions of code. It's either the whole process or nothing. – vcsjones Feb 18 '14 at 04:34

3 Answers3

4

You can not run a single method as administrator. However, you can impersonate a user that has administrator rights at the start of the method, execute some code as the other user and then go back to the original user.

The accepted answer to the following question lists some options: How do you do Impersonation in .NET?

In his answer to the above linked question, Matt Johnson also shows some code to do it hassle free, which he obviously also posted as a DLL to GitHub, where you can download and use it.

Community
  • 1
  • 1
Thorsten Dittmar
  • 55,956
  • 8
  • 91
  • 139
0

Your only options are:

  1. Run the whole program as admin
  2. Re-launch your program as admin when the user wants to do a admin function
  3. Re-think your design approach so your method no longer requires being admin
  4. Use some form of IPC to launch a 2nd app that is elevated and does the requests for you.

For the IPC route, the easiest way I know of is using WCF with named pipes, you just treat the WCF communication like you would any other class in your code and just communicate through normal functions.

Community
  • 1
  • 1
Scott Chamberlain
  • 124,994
  • 33
  • 282
  • 431
  • I should have mentioned I am using WinForms, I think my best option right now is to make another executable and redirect the standard input/output. – Kieran Crown Feb 17 '14 at 15:09
  • That would fall under #4, however [you can not elevate a program and redirect its inputs and outputs at the same time](http://stackoverflow.com/questions/20086957/launching-sfc-from-within-a-c-sharp-app/20087115#20087115). – Scott Chamberlain Feb 17 '14 at 15:11
0

If I understand you correctly, you need your program to start in elevated mode. The easiest way to do so, is to specify it as a requirement in the application manifest file.

In order to add a manifest to your app, you can follow these steps:

  1. Right click your project
  2. Add -> New Item -> Application Manifest file
  3. In the new .manifest file, replace <requestedExecutionLevel level="asInvoker" uiAccess="false" /> with <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
  4. Make sure the application is configured to run with your new manifest by going to: Right click your project -> Properties -> Application tab -> Manifest

You can read more about the application manifest here.

Stephan Zaria
  • 496
  • 5
  • 12
  • 1
    I know this, the whole point was I didn't want the whole application to be elevated, just some methods. – Kieran Crown Feb 17 '14 at 15:16
  • Ok, in that case, impersonation is your friend. There already an answer here with that suggestion - I think you should check it out. – Stephan Zaria Feb 17 '14 at 15:19