Selectively disabling UAC for specific programs on Windows Programatically
There are dozens of posts questions/answers on stack and other forums about disabling/bypassing/suppressing UAC. There are solutions as well. But progmatically perhaps not.
-
The proper methodology wouldn't be to ignore the User Access Control (UAC) but rather test within those parameters. That way you don't disrupt security, you instead work within it's confines.
By disabling security, you run the risk of exploits. According to Secuna which provide several security test have noticed that small companies, lazy developer applications, and blatantly disregard for security are applications that have been focused on.
Which means your application may become a victim at some point.
The approach I would take, is test within UAC. Ensure the proper permissions exists to carry out your task, that way it isn't constantly running with Elevated Permission. An example may be:
class Elevated_Rights { // Token Bool: private bool _level = false; #region Constructor: protected Elevated_Rights() { // Invoke Method On Creation: Elevate(); } #endregion public void Elevate() { // Get Identity: WindowsIdentity user = WindowsIdentity.GetCurrent(); // Set Principal WindowsPrincipal role = new WindowsPrincipal(user); #region Test Operating System for UAC: if (Environment.OSVersion.Platform != PlatformID.Win32NT || Environment.OSVersion.Version.Major < 6) { // False: _level = false; } #endregion else { #region Test Identity Not Null: if (user == null) { // False: _level = false; } #endregion else { #region Ensure Security Role: if (!(role.IsInRole(WindowsBuiltInRole.Administrator))) { // False: _level = false; } else { // True: _level = true; } #endregion } } }Something along those lines would allow you to test against the UAC, then perform a task. I'm not quite sure why you would like to disable the UAC, but that would be my approach.
Hopefully that helps.
加载中...
- 热议问题