I just try to understand the Google update service (aka Omaha) and can't find any information about how Omaha updates Chrome without the UAC Prompt?! Or without any Administrator privileges.
I am looking for a way to lunch a update service that can Update a Application in the Program folder (without UAC / Administrator privileges) just like Omaha does, but i can't find any documentation regarding that topic. Tried browsing the source code a bit thought but i couldn't find anything that helps.
In fact only the Installation should require Administrator Rights, but the update should not.
Any "easy" way to achieve this in C#?
Chrome installs a Windows Service, which is always running and preforms the update. The service runs as SYSTEM and so can perform the update without UAC prompt.
See:
https://support.google.com/installer/answer/98805?hl=en
http://omaha.googlecode.com/svn/wiki/OmahaOverview.html (Execution model section)
Related
I have a C# application that needs to run with administrative permissions. In particular, it loads at Windows 7 start-up and executes a few scripts in the background. This process is fully invisible to the user and is covered up with a background when executing. The permissions implementation is via a manifest file. Now, the problem is that I need to automate the step where UAC prompt comes up, and invisibly accept it.
How would something like that be done in C#?
I think what you have to do is impersonate a user with administrator privileges.
Try this: http://msdn.microsoft.com/en-us/library/chf6fbt4.aspx
I have had success with this method before, give it a shot!
I am trying to get my silverlight application running with elevated privileges in browser. However, no matter what I do, it doesnt get elevated.
I have tried to add registry key AllowElevatedTrustAppsInBrowser (as DWORD with value 1), and signed the XAP file using VS 2012. I also came across a blog that mentioned the clientaccesspolicy.xml file, but I was not able to allow elevated privileges with this either. I put the xml file inside the web project hosting the html file that displays the XAP.
Has anyone actually managed to get this to run?
I also tried following this: http://mtaulty.com/CommunityServer/blogs/mike_taultys_blog/archive/2011/04/27/silverlight-5-beta-rough-notes-trusted-apps-in-the-browser.aspx but im unsure about where to run the commands he runs on windows.
There is a good summary on how to enable in-browser elevated trust by Mister Goodcat here, where he also provides some troubleshooting tips:
One thing to keep in mind is that even if your application runs as trusted in-browser app, it is still subject to the security restrictions the browser itself imposes. That means that its possibilities may be much more restricted than if they ran out of browser, for example by Internet Explorer's Protected Mode. In addition, the Silverlight runtime itself restricts use of certain features for in-browser trusted apps, for example you cannot use the Window class and/or create additional windows when you're running in the browser.
If none of the above applies to you and you still run into problems, one thing to do is check whether your certificate(s) have been installed correctly. There's a snap-in for the management console for this. Here is an article that describes how to get there (note that you should add a snap-in for your user account, not the computer account as in this description).
You can also check whether your registry key is actually and successfully queried, for example by using a tool like Process Monitor from the Sysinternals Suite. Watch for operations of type "ReqQueryValue" of your browser executable that access the key we created above, and make sure the Result is "SUCCESS".
I'm looking for a way to check that a remote process has administrator privileges from my (fully managed) code. It's safe to assume that my code will run be run with administrator privileges, so I don't care how invasive the technique to achieve my goal is, however I'm looking for a fully managed way which must be compatible with XP SP3 x86 all the way down to win7 x64.
Thanks in advance!
Edit: in order to clarify, I'm talking about a process running on the same machine, regardless of the user who started it. I want to make sure that either the identity associated with the process belongs to the Administrators group or that the main thread has full privileges, with special regards to inheriting handles opened by elevated processes and writing to the storage without any restriction but those applied to processes spawned with the "Run as administrator" option.
OpenProcess(PROCESS_QUERY_[LIMITED_]INFORMATION)+OpenProcessToken(TOKEN_DUPLICATE) to get the token, then DuplicateTokenEx(TOKEN_QUERY,SecurityImpersonation,TokenImpersonation) to get the impersonation token, then pass that token and the SID from CreateWellKnownSid(WinBuiltinAdministratorsSid) to CheckTokenMembership.
To be able to open (almost) every process for PROCESS_QUERY_INFORMATION access you need to be running as administrator and with debug privileges. On Vista and later you can use PROCESS_QUERY_LIMITED_INFORMATION.
Example code available in this answer.
You could use GetTokenInformation or IsUserAnAdmin API calls.
To check if process started with user from Administrative group you should use the way described by Anders. To check integrity level on Vista or Windows 7 use GetTokenInformation with specifing TokenIntegrityLevel token class to get TOKEN_MANDATORY_LABEL struct which contains SID associated with mandatory integrity level of the token.
I have created Process.Extensions.dll extension using solution offered by Anders
https://stackoverflow.com/a/53460693/3855622
I found this nice snippet of code online:
rkApp = Registry.LocalMachine.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
Which runs great but alas on windows 7 and vista I suspect, it crashes cause it doesn't have permission to write there.
So then I research (on stackoverflow of course) how to avoid this, quickest method:
rkApp = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
Simple enough! Though there is two issues remaining. One is with both methods (on a XP Box that is), the program thinks its relative path is somewhere in the C:\windows folder now...so I.e. it won't find my path relative help files etc. The second issue is, on windows 7, my program won't startup until I log in. I want it to start up in the background if possible before anyone logs in.
Its a simple .exe that hangs out in the systray when its running. I didn't want to create this monstrosity of an installer to get around these admin and pathing issues.
I Think I would have to create it as a service (no clue how to do that) to get it to start up when the machine reboots before anyone logs in. Secondly to do that I am sure I have to figure out the admin privileges, and since I don't want to have to approve the program to run every time it starts up it sounds like I would have to figure out its admin privileges during install time, but alas no installer.
So just curious what routes I might take to get this to work. I can even suffer it coming up only after when the user logs in, but my current methods that work this way really screw up the pathing of my program since it tries to write stuff out to a new directory (not the one I originally started the EXE from). Etc...and I have no clue how to go about fixing that pathing issue.
It sounds like you need two programs here.
You can't have an application run in the system tray and run prior to login. The system tray doesn't "exist" until the user logs in and has a valid desktop.
The normal way to handle this is to make two programs. First, create a windows service that does the bulk of your work. This will run on startup, and be independent of any user logins.
Then, make a user mode application which uses IPC to communicate with the service. This can run on login, and "talk" to the service remotely, thereby providing your system tray requirements.
If you want your program to start as a service before anyone logs on, then it's going to need to be installed and run as an admin user. There's not getting round this fact.
There's a Microsoft Knowledge Base article on creating a service which should get you started.
There's a project template for a Windows Service installed by default in Visual Studio 2008:
"File > New > Project > Visual C# > Windows > Windows Service"
At my company we have a product which pretty much interacts with everything you can imagine... registry, databases, devices, etc... it is composed of many parts but the entire application is launched by a single executable (start.exe) which is responsbile for launching everything else - this is all legacy code and run under a USER account.
Currently this is launched as a STARTUP item (or by double-clicking on the desktop icon) in Windows, meaning when the user logins into the USER account the application (start.exe) automatically kicks off, under this account it has all the permissions it needs to run and everything has been fine for years...
Now comes the change - I have written a service (Serv.exe) that is running as LocalSystem - this service is responsible for updating the various software components of our product and works as follows:
- when the product detects an update it signals the LocalSystem service (Serv.exe) and then terminates itself
- Serv.exe will then perform all the updating
Now, after everything is done, the product (via start.exe) needs to be launched again automatically ... and this is where I need some advice ... what is the best way to restart the product (start.exe)?
Right now I use the LocalSystem Service (Serv.exe) and impersonate the USER account as follows:
- CreateEnvironmentBlock for the USER
- CreateProcessAsUser(start.exe) as the USER with the corresponding EnvBlock
- DestroyEnvironmentBlock
But is this really 100% equivalent to double-clicking on the icon in the USER account context? I need to ensure that everything is identical when it is either launched on STARTUP of USER or by Impersonation from Serv.exe (LocalSystem) - is there a risk involved? Will I still have the same rights/abilities with all databases? registry? device interaction? etc..
By loading the EnvBlock I seem to get everything I need but ... is this not a good way to do it...?
Kind of hoping for some guidance and advice from the pro's out there ...
Any help or hints would be much appreciated.
Thanks,
Update: Here is a post named: Launching an interactive process from Windows Service in Windows Vista and later. Which is exactly what you are looking for. It starts with:
The first thing you should do about it is that; don't do it. There are many limitations and bad implications and restrictions involved.
So first test if your current solution works. That depend on what the process is doing. If it is not involving user interaction. Or manipulating the current user session. Then you don't need this complex solution. If you need it, than good luck!
Before update: Its not 100% equivalent. Except authorization there are, in windows, sessions and, in each session, there are desktops. The process that is lunched from the service will run on the service session and desktop ( if the service has it). Depending on what the start.exe does, it may be important or not.
Look at the SetTokenInformation function.
Instead of launching the application directly as a "startup item" you could start a "launcher.exe" that then would launch your application. The service could then signal "launcher.exe" that another instance of the application should start after an update. Using this method you can't use the service to update "launcher.exe", but this executable should be very simple and hopefully not require any updates. Using this method would avoid all the pitfalls of trying to start an interactive application from a service.