user629926
Reputation: 1940
How to force an app to not be run as administrator
Is it possible to disable run as administrator for an app alowing it just to be run as local user.
Upvotes: 3
Views: 804
Answers (1)
Thomas Levesque
Reputation: 292345
I don't think you can prevent starting the process as administrator; however, you can check if it is executing with elevated privileges, and exit if it's the case.
static bool IsRunningWithElevatedPrivileges()
{
IntPtr hToken;
int sizeofTokenElevationType = Marshal.SizeOf(typeof(int));
IntPtr pElevationType =
Marshal.AllocHGlobal(sizeofTokenElevationType);
if (OpenProcessToken(GetCurrentProcess(), TokenQuery, out hToken))
{
uint dwSize;
if (GetTokenInformation(hToken,
TokenInformationClass.TokenElevationType, pElevationType,
(uint)sizeofTokenElevationType, out dwSize))
{
TokenElevationType elevationType = (TokenElevationType)Marshal.ReadInt32(pElevationType);
Marshal.FreeHGlobal(pElevationType);
switch (elevationType)
{
case TokenElevationType.TokenElevationTypeFull:
return true;
default:
//case TokenElevationType.TokenElevationTypeLimited:
//case TokenElevationType.TokenElevationTypeDefault:
return false;
}
}
}
return false;
}
[DllImport("kernel32.dll")]
static extern IntPtr GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool OpenProcessToken(
IntPtr processHandle,
uint desiredAccess,
out IntPtr tokenHandle);
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool GetTokenInformation(
IntPtr tokenHandle,
TokenInformationClass tokenInformationClass,
IntPtr tokenInformation,
uint tokenInformationLength,
out uint returnLength);
const UInt32 TokenQuery = 0x0008;
enum TokenElevationType
{
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
}
enum TokenInformationClass
{
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
}
Upvotes: 5
Related Questions
- How do I force my .NET application to run as administrator?
- Stop program from running as admin
- How force C# application NOT run as adminsitrator?
- Launch an app on Windows startup that requires administrator privileges
- How to prevent my program from running in a non-administrator account that has UAC turned off?
- Allow local admins to run application without having to "Run as Administrator"
- How to correctly implement "As Administrator" or "Run As Administrator" in .NET application for selected operations?
- Granting administrator privileges to an application launched at startup without UAC prompt?
- Win C#: Run app as administrator without UAC prompt
- Run .NET application as administrator