0

I've just developed a .NET program which has the ability to patch itself.

I've noticed that the patching process only runs if I choose "run as administrator".

It seems I need to "create and embedd an Application Manifest", according this this:

https://msdn.microsoft.com/en-us/library/bb756929.aspx

So my question:

Is it normal for applications like mine (which can patch themselves) to require Admin rights, and is this the route I should be going?

Thanks

slaw
  • 611
  • 2
  • 7
  • 20

2 Answers2

0

If your application does not normally require elevation then I don't recommend that you request it in your manifest because it will be very annoying for your users. Firefox uses a NT service to get around the UAC dialog but I can't really recommend that either unless your updates are very frequent.

I would suggest that you write a little updater application that does the patching. It can request elevation in its manifest and this way the user only has to elevate when there is something to patch. If you don't want another .exe in your bundle, you can execute yourself again with the runas verb when you need to patch.

Community
  • 1
  • 1
Anders
  • 97,548
  • 12
  • 110
  • 164
  • Currently the way it works is that the Patcher is an exe that gets run first thing every time you run the program. Patcher downloads a version file and checks whether the current downloaded version is the same as whats in the file. If it's not then it continue with patching and if it is then iti just laucnhes the main executable. So the Patcher runs everytime, I guess I'll put a manifest on the Patcher then? Will this mean it needs to be approved every time? or will UAC remember that the user approved it – slaw Apr 14 '17 at 06:26
  • It means you will get the UAC dialog every time. Check for updates in your main app and only start the patcher if there is anything to patch. – Anders Apr 14 '17 at 12:27
  • I managed to change the NSIS script to give "Users" write access to my applications folder in Program Files, this fixed the issue. – slaw Apr 18 '17 at 08:36
  • Giving everyone write access is a security issue. – Anders Apr 18 '17 at 11:01
0

Edited the NSIS script to include this line:

AccessControl::GrantOnFile \"$INSTDIR" "(S-1-5-32-545)" "FullAccess"

This gave the User account full access to the application folder within Program Files, meaning my patcher could write to it without any problems.

slaw
  • 611
  • 2
  • 7
  • 20
  • This goes against all security best practices, only administrators should be able to modify shared executables. – Anders Apr 18 '17 at 18:04
  • It seems to be the method used by the giants in the industry though (Epic Games, Steam, Battle.net). – slaw Apr 19 '17 at 03:11
  • I thought Steam used a service? You could try running the Windows Logo test, I believe it detects sloppy ACLs as a problem. – Anders Apr 19 '17 at 10:29