we have a WPF application that currently uses the default manifest setting: "Embed manifest with default settings" and it works for us. We now need to add a custom manifest in order to use a third-party library that requires a setting in there. But we don't want to risk there being any other differences from before. And that brings the question. Is there a way to know what that default manifest that we are using now actually looks like so we can add to it? I have checked the obj and bin folders but didn't find anything in there and internet search hasn't really brought up much.
Thanks
The default manifest that is embedded into the assembly when you build the app looks like this:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="YourAppName.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
You can extract it using a decompiler.
Related
I have the following manifest in one project of mine (created on Visual Studio 2013, on C#).
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="5.4.0.5" name="Device"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"><requestedExecutionLevel level="highestAvailable" uiAccess="false" /></requestedPrivileges></security></trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application></application></compatibility>
</asmv1:assembly>
The "assemblyIdentity" tag contains the project name and version; is there a way to mark this properties with a code to get both values from the project at compiler time, instead of changing it on the file?
Just to close this with something i found and solved my need, at MSDN's page they show how to Specify Build Events (C#) and use as an example a Build Event to change App Manifest.
I'm trying to allow my program to write to the HKLM Keys. In order to achieve that I tried to create a manifest file:
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
</application>
</compatibility>
</assembly>
But even with this file I'm still getting an exception:
"System.UnauthorizedAccessException" in mscorlib.dll
Cannot write to the registry key.
I'm using VS2015. I click create new element then pick Manifest file. Set the name to MyProgram.exe.manifest. Then in Project properties I select the proper manifest. And finally I'm changing execution level in Manifest file to requireAdministrator and rebuild the program.
But when I'm executing the MyProgram.exe it never shows that UAC window and when I try to write to HKLM in throws an exception. So I suspect the manifest is not working properly.
Please advise.
Thank you!!
You can do like this:
using administrator run program.
No permission to set permissions.
EDIT: I would still like an answer to this question if anyone can provide one, however I have decided to split out the non-administrative part of this project into another project which will call this project as required.
I have a project which manipulates some registry keys under HKLM - which obviously requires elevation. The application knows when it needs this elevation and will re-launch itself with runas to get elevation.
In the development environment this works fine, and the application also runs fine on intended targets in this form.
When I pump the project through a VS2010 setup project and install the project on the target system, the EXE gets marked as requiring elevation and requests it whenever it gets run before the application logic determines if it needs it.
I have searched for an hour or so and found nothing which relates, though I suspect the power of my search terms is insufficiently strong (or I lack the right ones) to find an appropriate result.
How can I stop the setup project from marking the executable as requiring elevation?
Subsequent to the comment below I added a custom manifest to the project with the same result, the manifest looked right to me:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
</application>
</compatibility>
</asmv1:assembly>
Here's the output of the project's build (in the obj folder since that's what's being pulled in by the setup project):
http://i.stack.imgur.com/elrQh.png
The outwardly obvious thing is the lack of the UAC shield on the executable. After building the setup project, then installing it via the resultant MSI, the installed executable is like this:
http://i.stack.imgur.com/A33qz.png
Noting the now existing UAC shield.
Before adding the custom manifest, it was set to use a default one (which I suspect has the same content).
I have a wpf application which reads from .xaml files to dynamically create views. However, when installed on a non-dev machine, the program says that the program has unauthorized access to the path where the files are stored. We are using relative pathing to read the files. Any suggestions?
Only way you'll have granted access to that Program Files folder is Creating and Embedding an Application Manifest (UAC).
As an example:
Executable: IsUserAdmin.exe
Manifest:IsUserAdmin.exe.manifest
Sample application manifest file:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0"
processorArchitecture="X86"
name="IsUserAdmin"
type="win32"/>
<description>Description of your application</description>
<!-- Identify the application security requirements. -->
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="requireAdministrator"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
But you definitively must go and read the API.
I'm having some trouble with my C# app that uses win32_networkingadapterconfig. The problem is that I can't use the altering functions in win32_networkingadapterconfig when I use the app on a user that dont have admin rights. I have tried to "run as administrator", but no luck. And I have tried to make a manifestfile with this content in the trustInfo part:
<security>
<applicationRequestMinimum>
<PermissionSet class="System.Security.PermissionSet" version="1" Unrestricted="true" ID="Custom" SameSite="site" />
<defaultAssemblyRequest permissionSetReference="Custom" />
</applicationRequestMinimum>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
Enable clickone security settings are set to full trust. What am I doing wrong ?
There's a "trustinfo" dangling in your snippet. Make it look like this:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</asmv1:assembly>
There are a number of possible issues which I have listed in the order I suspect is most likely to less likely.
Possible Problem 1
What are your UAC settings? As detailed in Create and Embed an Application Manifest (UAC)
if you have UAC disabled and you request administrator permissions the
Application might launch but will fail later
Possible Problem 2
There could be something wrong else where in the manifest as the assembly information is required. Posting your whole manifest would help.
Possible Problem 3
You have added the applicationRequestMinimum node which is not required for UAC escalation. It may be worth dropping that and trying again.