I have recently been tasked with figuring out a way to remove the elevated privileges requirement for a C# application.

I'm not super familiar with C# but I do have access to the source code (multiple projects in one solution) and I'm using VS 2013 Professional.

So far I've been going through the code by hand and referencing documentation online to try to determine where the elevated privilege requirements are coming from.

Is there a way to use Visual Studio (or another piece of software) to determine which function calls are forcing the administrator privileges requirement?

Tuffwer
  • There are certain classes that would immediately be suspect - System.IO.File for example. The problem is that you still wouldn't know if those calls required elevated privileges without knowing where on the filesystem it was looking. – Pedro Feb 08 '16 at 19:03
  • @Pedro Yeah that makes sense. I'm hoping to avoid having to track down every function call and determine what it might need access to by hand, but I'm afraid (and your comment is leading me farther in this direction) that's where this is leading. – Tuffwer Feb 08 '16 at 19:09
  • While I am still very much interested to know if such a function exists in VS for determining which parts of the code might require elevation, I believe I have found the culprit in my case. The code I am using is built on top of [ServiceStack](https://servicestack.net). I found another [answer here](http://stackoverflow.com/a/19236075/5220640) that seems to indicate the parts of ServiceStack being used require admin privilege to run. – Tuffwer Feb 08 '16 at 19:22

1 Answer

Not automatically, but there may be some ways to narrow things down quickly.

First, if you have good test suites, you could run these as a user without admin access and see which ones, if any, fail or prompt for UAC. This should allow you to narrow down sections of code quickly (I am a big fan of repurposing test suites, btw). Also, those that fail can be quickly corrected.

Another option would be manual testing, again by a user without admin access. Then the code can be reviewed where there are problems and the issues removed.

Without an automatic way of finding the problems, you should be prepared for some post-sign-off bug fixes, however (so maybe having an experimental phase may be good).

Chris Travers
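
One way to instrument the non-admin test run suggested in the answer, added here as an example (it is not code from the post, the application, or ServiceStack): a first-chance exception hook that logs every access-denied failure with the call stack that triggered it. The class name `ElevationProbe` and the log path argument are assumptions.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.Security;
using System.Security.Principal;

// Hypothetical helper: the class name and log path are assumptions for illustration.
public static class ElevationProbe
{
    private const int ErrorAccessDenied = 5; // Win32 ERROR_ACCESS_DENIED

    [ThreadStatic] private static bool _logging; // guards against re-entry while logging

    // False for a standard user and for an admin running with a UAC-filtered token.
    public static bool IsElevated()
    {
        using (var identity = WindowsIdentity.GetCurrent())
            return new WindowsPrincipal(identity).IsInRole(WindowsBuiltInRole.Administrator);
    }

    // Call once at startup (or in test-assembly setup) before the code under test runs.
    public static void Install(string logPath)
    {
        File.AppendAllText(logPath, "--- run started, elevated=" + IsElevated() + Environment.NewLine);
        AppDomain.CurrentDomain.FirstChanceException += (sender, e) =>
        {
            if (_logging || !IsAccessDenied(e.Exception)) return;
            _logging = true;
            try
            {
                // Raised on the throwing thread before unwinding, so the live stack
                // still shows which application call triggered the denial.
                File.AppendAllText(logPath, e.Exception.GetType().FullName + ": " +
                    e.Exception.Message + Environment.NewLine +
                    new StackTrace(1, true) + Environment.NewLine);
            }
            catch (Exception) { /* never let logging failures escape the handler */ }
            finally { _logging = false; }
        };
    }

    private static bool IsAccessDenied(Exception ex)
    {
        if (ex is UnauthorizedAccessException || ex is SecurityException) return true;
        // HttpListenerException derives from Win32Exception and carries the native code.
        var win32 = ex as Win32Exception;
        return win32 != null && win32.NativeErrorCode == ErrorAccessDenied;
    }
}
```

Because the hook sees exceptions even when the application later catches them, the log lists denied calls that never surface as a test failure. Operations that fail without raising a managed exception will not appear in it.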