What's the simplest way to execute a method with administrator privileges?

Question

I am currently just calling my own program in a new process with:

MyProcessStartInfo.Verb = "runas";
MyProcessStartInfo.Arguments = "MyFlag";

And when the process starts I check for the flag. If it's there – I just execute the method and Close();

But I would rather do something more minimalistic if it could be done simply. Is that possible?

EDIT: Using Vista and Windows7.

Answer 1

You may use use Windows API LogonUser and then impersonate another user to run a piece of code as that user. There is a limitation though. When UAC is enabled LogonUser will give you restricted user token which means impersonated user (even administrator) will never get more rights than you already have. This restriction does not apply to non-interactive sessions (Windows services).

Here is the documentation on how to impersonate in a code. Also, you may find this SO question/answer interesting.

Answer 2

You can not elevate a running process. It's simply not possible. You are doing it the correct way, by spawning another process with elevated priviledges. There is no other way.

Thanks. but I was thinking maybe there is a way to start a method as a new process.

You could create a separate application executable that has your method in it, then you would not need to restart your application. You would only need to start that other process.

Answer 3

It isn't minimalistic, but you can use this property I crafted from sources on the net. Some of these calls are pInvoke's. So google 'pinvoke method' to find them.

public static bool IsRunAsAdministrator
{
    get
    {
        WindowsIdentity windowsIdentity = WindowsIdentity.GetCurrent();
        if (windowsIdentity.IsSystem) return true;

        WindowsPrincipal windowsPrincipal = new WindowsPrincipal(windowsIdentity);
        if (windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
            return true;

        //Vista or higher check
        if (Environment.OSVersion.Version.Major >= 6)
        {
            IntPtr hToken = IntPtr.Zero;
            try
            {
                if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, out hToken))
                    Win32.ThrowLastError();

                TOKEN_ELEVATION_TYPE elevationType;
                IntPtr pElevationType = Marshal.AllocHGlobal(sizeof(TOKEN_ELEVATION_TYPE));
                uint dwSize;

                if (!GetTokenInformation(
                    hToken,
                    TOKEN_INFORMATION_CLASS.TokenElevationType,
                    pElevationType,
                    sizeof(TOKEN_ELEVATION_TYPE),
                    out dwSize
                    ))
                    Win32.ThrowLastError();

                elevationType = (TOKEN_ELEVATION_TYPE)Marshal.ReadInt32(pElevationType);
                Marshal.FreeHGlobal(pElevationType);

                return elevationType == TOKEN_ELEVATION_TYPE.TokenElevationTypeFull;
            }
            finally
            {
                CloseHandle(hToken);
            }
        }
        else
            return true;
    }
}