Can an application running under a less privileged account start a process executing another application under an administrative account?

Question

I am logged in as the administrator when I installed an application named pdflatex.exe on my server. This application works as a converter from LaTeX input file to Pdf file.

I host an Asp.net MVC 3 application running under an Application Pool Identity with Load User Profile = True.

The Asp.net MVC 3 code contains a code that executes pdflatex.exe using System.Diagnostic.Process instance as follows:

        Process p = new Process();

        p.EnableRaisingEvents = true;
        p.Exited += new EventHandler(p_Exited);

        p.StartInfo.Arguments = "-interaction=nonstopmode " + inputpath;
        p.StartInfo.WorkingDirectory = @"c:\mydomain.com\working";

        p.StartInfo.UseShellExecute = false;
        p.StartInfo.FileName = "pdflatex.exe";

        p.Start();
        p.WaitForExit();

---

From the scenario above,

• the web application runs under a restricted acount but it executes
• an external application under a default account that I don't know.

Can an application running under a less privileged account start a process executing another application under an administrative account?

Answer 1

No, a lower privilege application cannot start an elevated application without properly asking for UAC elevation (which prompts for an administrative username and password). If you could elevate a spawned app from a lower-access app, it would be a major security gap.

Answer 2

Why do you need administrator access to run pdflatex? That is a standard user program and shouldn't require any special privileges other than to be run from a directory that it can write to.