How does Chromeframe install without admin privileges?
If I wanted to create a BHO in C#, would it be possible to follow the same process?
If I understand correctly, I need to save the DLL on the client, I then also have to add a registry key to register the DLL as a BHO. How does chrome-frame do this in a restricted environment?
Chrome Frame is writing to the current user (HKCU) registry hive (HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions), not the local machine (HKLM). You do not need administrative permissions to write to the current user hive.
Secondly, Google puts the DLL somewhere in %APPDATA% (like the Chrome Browser itself), not Program Files, which also does not require Administrative permissions.
The sum it up, Chrome Frame is just being installed into places that do not require elevated permissions to access, and yes, you can do it too.
As Serge pointed out in the comment below, this also means that the BHO must be installed for every user that wants to use it, which to me, is a good thing.
Related
I have a c# project, and I have to save some critical files in the Application directory in the C:\
then I need to use these files while my APP is running.
When I made the Setup project, I couldn't run my app unless I run it as administrator privilege.
So how can I solve this problem I don't need each time of run a message like this appear.
any idea?
If your app needs admin privilege to run, then it will need elevation to admin privilege at some point. The normal way to do this is embed an elevation manifest, your build tool probably has (in the linker) a UAC setting for requireAdministrator. This is the way everything works - elevation to administrator privilege requires user consent, and elevation dialogs are normal when an app starts. The alternative is to save files in some other location that doesn't require admin privilege. If you need to do that saving of files rarely, then do it an another program that you start and it will ask for elevation, then your app isn't asking every time it runs.
I wouldn't make the C drive available to limited users - that allows access of limited users to everything.
I have built an application using C# which accesses the registry and installation folder for read/write information. A normal user having limited privileges is getting an error while accessing/writing the information (in registry or installation folder).
Is there a way in which all types of users are able to run that application smoothly?
It is possible, although it's not completely straightforward.
You're gonna have to impersonate another user (who, in turn, has to have all the required privileges).
Check this question for details: Windows Impersonation from C#
There are two ways, the simple and complex. First - install the program per user rather than per computer. Second - to write a service that will operate under the privileged user and perform the necessary procedures (accessing/writing the information) for your application.
I am trying to create a program similar to Folder Lock which prevents users from accessing a particular folder. I tried using DirectorySecurity class and AccessRules to change the AccessControl for folders.
However, the settings which i assign can easily be changed by going to "Security Tab" and changing the permissions.
Is there any secure way of preventing access to directories ?
I think my answer to this question: "How could I prevent a folder from being created using a windows service?" is probably what you'd need to do to achieve what you want:
Unfortunately I don't know anywhere
near enough about the how to help you,
but I'm fairly sure that you'll need
to either write or obtain a File
System Filter Driver that can
communicate with your windows service
to tell it that someone has attempted
to create a directory/file so that
your service can make a decision for
it. This way when someone/something
attempts to create a file or folder
that's not allowed they could be
returned "Access Denied" or another
Win32 error of your choice.
If you did go down the route of using
a driver, I'd guess it'd still be best
to do the heavy lifting of deciding if
the creation/modification in the
service, i.e. outside of Kernel mode.
As long as a user is the owner of directories or files, he can change the permissions. You'd have to change the ownership of the directories in order to really secure the directories (and making this change of ownership requires administrative rights).
But a user with administrator right can always take the ownership back.
If you are in an enterprise and people are not admins of their machines, you could write a Windows service that runs as domain admin and makes the needed changes. In a home environment, there's no way.
There are 2 things which can overrule the rights of a local administrator.
The domain policy (but your pc has to be a member of a domain)
A process running under SYSTEM privileges (drivers for example), this is the way virus scanners and rootkits work, they analyse your file system request before the results reached the user, and intercept it if deemed necessary.
But the second option you can't do with c#, and the first option is more a Active Directory configuration solution.
No, you can't prevent the computers administrator account from accessing or taking ownership of any folder.
You can prevent restricted accounts (as you have described), but the administrator will always be able to change the security settings.
I have what the UAC Development Guides refer to as a "Administrative Choice Application." If you're familiar with what this is skip to the next section.
Background:
I want to let a "Standard" user have the ability to select/deselect a Run On Startup option in the preferences for my application.
Since my application is per machine (not per user), what needs to happen is it will either need to Delete or Copy a shortcut file into the Start Menu/Programs/Startup folder which will require administrative access to perform this operation.
So, what i'd like is for the "User Account Control credential prompt" to appear and that way if the user has an admin account also they can put in the credentials. This is apparently how applications are supposed to be designed to keep the user from having to switch to another account each time they need to do something administrative.
Excerpt from MSDN documentation:
An Administrative Choice Application
An Elevated Process or COM Object
The initial application launches without requiring elevation. Those items in the user interface that would require an administrative access token are decorated with a shield icon as identification. This decoration indicates to the user that using that feature will require administrator approval. When the application detects that one of these buttons has been selected, it has the following two choices.
The application launches a second program using ShellExecute() to perform the administrative task. This second program would be marked with a requestedExecutionLevel of requireAdministrator, thus causing the user to be prompted for approval. This second program would be running with a full administrative access token and would be able to perform the desired task.
-OR-
The application launches a COM object using CreateElevatedComObject(). This API would launch the COM object with a full administrative access token following approval and this COM object would be able to perform the desired task.
I just need to copy a file... seems excessive to fork a new process using ShellExecute() and I don't know enough about COM to know if I could use it to copy a file. I am hoping someone can post some code which provides a way to copy the file and ideally also explain how to decorate a MenuItem with the "sheild decorator".
Notes:
I have looked at the UAC Demo provided by microsoft which is referenced in several StackOverflow posts such as (Request Windows Vista UAC elevation if path is protected?) on topics related to permissions. The code only has an example of the calling a separate process.
Though it still appears to involve at least restarting or spawning a process, you can find some help here:
UAC Shield for Elevation at CodeProject.com
I ended up going in a different direction. I had my installer create a startup shortcut in the All Users/Startup folder that passes an argument to the application "startup".
When the application started I would check for the existence of the arg[0].equals("startup") and then check if Settings1.Default.RunOnStartup == true.
If both conditions were true I'd exit the application immediately. When the application is started without that argument (ie the Start Menu Program Group), the application loaded normally.
The RunOnStartup setting is a user scoped setting so each user can change without effecting others.
We have a thick-client that needs to access resources on a share where a client may not be logged on. The client might be on a Windows domain or it could be a mixed environment without a domain, so the user would have to log on to the server locally. In the past, one work around was to create a shortcut on the user's desktop to the share, which opens Windows Explorer, which opens a password prompt that grants or denies access to the share. How can I get the user to signon to the share without relying on Windows Explorer? What does Windows Explorer do that I can have my app do to demand access to the share?
I have read Access files from network share in c# web app, but I am doing this in a WinForms app and want it to be interactive. I have also read How to prompt for a Password, but that code just prompts for strings from the user rather than invoking the UI that demands and grants access to the share. I would rather not have my app know the user's password as much as trigger the OS to demand access for the network resource.
You could take a look at the Win32 API CredUIPromptForCredentials ( or CredUIPromptForWindowsCredential if you're running on Vista/Win2k8, you should check the winver to decide which call to make).
This method actually invokes the regular credentials prompt but you get the credentials (awful, I know).
PInvoke.Net has sample code showing how to call this function from C# (in the PInvoke sample you have to pass CREDUI_FLAGS.DO_NOT_PERSIST for flags if you've specified false in save. Weird, I know).
More info (and a unmanaged sample) on the great Keith brown wikibook on security
Once you get the credentials (in a secure string) you can then impersonate the user to get to the resource (using logonuser).
And it's ugly. I understand you want Windows to show the standard prompt dialog and you don't want to know about the credentials.
I'm wondering if a ugly hack like using System.Diagnostics.Process to launch a hidden explorer.exe on the remote UNC would not do the trick. You'd have to find a way to wait for the user to have entered the credentials and then kill the spawned explorer process.