0

I have a VB.NET application that interfaces with MS-Outlook and, to do it, it must run without ADMIN priviledges. Everything is OK.

The problem occurs after the "LiveUpdate" module, a separated application running with ADMIN priviledges, ends its update and loads again the main application. This load is performed using:

 Process.Start(MyApp.exe)

but when "MyApp" loads, it cannot interface anymore with MS-Outlook, which refuse that interface sending a typical message of programs running at different UAC priviledges. I guess when LiveUpdate executes the Process.Start, the command goes with its same priviledge (ADMIN).

Facts:

  1. The Liveupdate MUST run in ADMIN but MyApp MUST run in NORMAL way.
  2. Both has its own MANIFEST, but it seems the call above bypass the Manifest of MyApp - which is set "as Invoke" as default.
  3. If I close MyApp and run it again manually, everything goes OK.
  4. Some clients has USER/PASSWORD, others do not have it (Windows loads automatically with no User/Password dialog).
    5.The application runs in Windows Vista, 7, 8, 8.1 and 10.

So, is there some way to "Process.Start" an application discarding the ADMIN priviledge from the caller (LiveUpdate)?

The usage of User/Password during this call is not an option I guess... Thanks!

user3697824
  • 538
  • 4
  • 15
David BS
  • 1,822
  • 1
  • 19
  • 35
  • 1
    I'm pretty sure there is not a way. You could add something else which is not elevated and acts like the conductor to start the first thing elevated, then starts your app normal. – user3697824 Oct 06 '15 at 18:55
  • Thanks @user3697824, I´m really was supposed the same... – David BS Oct 06 '15 at 19:08

1 Answers1

0

Here is what I found: you can start a de-elevated process from an elevated software by running it trough explorer.exe. This method should work with everyone except for users that are admin, (not user administrator, but system administrator). I found this info here.

For the code part of it, it looks like this: (credit for this goes to plutonix; follow the link above)

Dim proc = New Process
proc.StartInfo.UseShellExecute = True
proc.StartInfo.WindowStyle = ProcessWindowStyle.Normal
proc.StartInfo.WorkingDirectory = mypath

If chkAdmin.Checked Then                    ' run this app as admin
    proc.StartInfo.FileName = myApp
    proc.StartInfo.WorkingDirectory = mypath
    proc.StartInfo.Verb = "runas"           ' run "me" as admin
    proc.StartInfo.Arguments = ""
Else                                        ' run explorer w/app as arg
    ' de-elevate new app instance to run de-elevated
    proc.StartInfo.FileName = Path.Combine(windir, "explorer.exe")  
    proc.StartInfo.Verb = ""                ' important!
    proc.StartInfo.Arguments = myApp        ' send the child app name as arg
End If

proc.Start()

I have not tested this out myself, but it should work correctly. (Again all credit for this goes to user: plutonix)

Community
  • 1
  • 1
Sid
  • 17
  • 4
  • Thank you SID, but if your search for it deeper, you will see that Microsoft points it as a bug (really!) and recommends do not utilize it, since it will be corrected in the next Windows version - and I saw this when Windows were in version 7. I believe it will be deprecated ASAP... But thanks. – David BS Oct 07 '15 at 01:27
  • Oh wow it has probably been fixed by now then, thanks for letting me know, as I said I haven't tried it myself. – Sid Oct 07 '15 at 01:34
  • No problems at all. Thanks again for try a help... :) – David BS Oct 07 '15 at 03:54