Reputation: 13
Without Administrator Privileges Launching Desktop Application in a logged in User context with Administrator Privileges
I wanted to run local desktop applications which are installed in Program Files and Program File (x86) folders only, the application should run with administrator privileges as logged in user context. I have googled and got to know some.
Required as per my idea:-
- File Explorer GUI with Socket Client
- A Service
- Local Application Launching Executable with Socket Server ( console application)
Note: The communication between File Explorer will happen using socket client and server. The service will launch the local application server in system context.
Imagine that File Explorer, Service and Application Launching server are installed. Using File explorer the app will be selected and selected application information will be sent to the server. The server will do check on the requested path whether it is from trusted path or not.
If it is from trusted path, the server will get handle from "winlogon.exe" and get the handle to the access token, then duplicate the access token and adjust its privileges (default system privilege will be there and i don't want that as system will have full privileges) then use CreateProcessAsUser to launch the application.
Once launched bring the UI to the foreground. The application need to be run in user context with administrator privileges.
My questions are stated below:-
- To achieve this do i need to enable the interactive process in the service ?
- If interactive is necessary, the communication between the user and local server is happening using socket and user do not interact with service directly, just wanted to know whether am i following the Microsoft safety measures as stated in below documentation or am i breaching it?. https://learn.microsoft.com/en-us/windows/win32/services/interactive-services
- Do we have any other way to launch an application with admin privileges in logged on user context without actual administrator privilege ?
The targeted OS is Windows 10 1803 and 1809.
Upvotes: 0
Views: 292
Answers (1)
Reputation: 17288
Have a look for the tools psexec or paexec (they're mostly identical, the major difference being that the later is open-source).
These tools allow you to start a process as another user and/or on another computer. This should work from a service as well.
Upvotes: 0
Related Questions
- Run process as administrator from a non-admin application
- Auto Start WinForms Application With Admin Permissions On Non-Admin Account
- How force C# application NOT run as adminsitrator?
- Launch an app on Windows startup that requires administrator privileges
- Run at logon a desktop application with elevated privileges
- Execute an application with admin rights on system without UAC
- How to run a non-admin process from admin c# application
- Granting administrator privileges to an application launched at startup without UAC prompt?
- Win C#: Run app as administrator without UAC prompt
- How to launch an application with admin rights