如何检测我的进程是否正在运行UAC提升?
我的Vista应用程序需要知道用户是以“pipe理员”(提升)还是以标准用户(非提升)启动它。 我怎样才能在运行时检测到?
对于我们这些在C#中工作的人来说,在Windows SDK中有一个“UACDemo”应用程序作为“跨技术示例”的一部分。 他们发现当前用户是否是使用此方法的pipe理员:
private bool IsAdministrator { get { WindowsIdentity wi = WindowsIdentity.GetCurrent(); WindowsPrincipal wp = new WindowsPrincipal(wi); return wp.IsInRole(WindowsBuiltInRole.Administrator); } }
(注意:我将原始代码重构为一个属性,而不是“if”语句)
下面的C ++函数可以做到这一点:
HRESULT GetElevationType( __out TOKEN_ELEVATION_TYPE * ptet ); /* Parameters: ptet [out] Pointer to a variable that receives the elevation type of the current process. The possible values are: TokenElevationTypeDefault - This value indicates that either UAC is disabled, or the process is started by a standard user (not a member of the Administrators group). The following two values can be returned only if both the UAC is enabled and the user is a member of the Administrator's group: TokenElevationTypeFull - the process is running elevated. TokenElevationTypeLimited - the process is not running elevated. Return Values: If the function succeeds, the return value is S_OK. If the function fails, the return value is E_FAIL. To get extended error information, call GetLastError(). Implementation: */ HRESULT GetElevationType( __out TOKEN_ELEVATION_TYPE * ptet ) { if ( !IsVista() ) return E_FAIL; HRESULT hResult = E_FAIL; // assume an error occurred HANDLE hToken = NULL; if ( !::OpenProcessToken( ::GetCurrentProcess(), TOKEN_QUERY, &hToken ) ) { return hResult; } DWORD dwReturnLength = 0; if ( ::GetTokenInformation( hToken, TokenElevationType, ptet, sizeof( *ptet ), &dwReturnLength ) ) { ASSERT( dwReturnLength == sizeof( *ptet ) ); hResult = S_OK; } ::CloseHandle( hToken ); return hResult; }
我不认为海拔types是你想要的答案。 你只是想知道它是否boost。 当您调用GetTokenInformation时使用TokenElevation而不是TokenElevationType。 如果结构返回正值,则用户是admin。 如果为零,则用户为正常仰angular。
这是一个Delphi解决scheme:
function TMyAppInfo.RunningAsAdmin: boolean; var hToken, hProcess: THandle; pTokenInformation: pointer; ReturnLength: DWord; TokenInformation: TTokenElevation; begin hProcess := GetCurrentProcess; try if OpenProcessToken(hProcess, TOKEN_QUERY, hToken) then try TokenInformation.TokenIsElevated := 0; pTokenInformation := @TokenInformation; GetTokenInformation(hToken, TokenElevation, pTokenInformation, sizeof(TokenInformation), ReturnLength); result := (TokenInformation.TokenIsElevated > 0); finally CloseHandle(hToken); end; except result := false; end; end;
如果(当前)进程被提升,这是一个检查的VB6实现
Option Explicit '--- for OpenProcessToken Private Const TOKEN_QUERY As Long = &H8 Private Const TokenElevation As Long = 20 Private Declare Function GetCurrentProcess Lib "kernel32" () As Long Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long Private Declare Function GetTokenInformation Lib "advapi32.dll" (ByVal TokenHandle As Long, ByVal TokenInformationClass As Long, TokenInformation As Any, ByVal TokenInformationLength As Long, ReturnLength As Long) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long Public Function IsElevated(Optional ByVal hProcess As Long) As Boolean Dim hToken As Long Dim dwIsElevated As Long Dim dwLength As Long If hProcess = 0 Then hProcess = GetCurrentProcess() End If If OpenProcessToken(hProcess, TOKEN_QUERY, hToken) Then If GetTokenInformation(hToken, TokenElevation, dwIsElevated, 4, dwLength) Then IsElevated = (dwIsElevated <> 0) End If Call CloseHandle(hToken) End If End Function