none
Check If Application Is Running Elevated RRS feed

  • Question

  • I have an application that checks on startup to see if the user is an administrator, If it is not then the application restarts as an elevated process. What i need to do now is to be able to determine what state the application is running in. Is it elevated or not? Is there anything in .net that would allow me to do a check like this? or will i have to make some sort of flag that records the state when the process is relaunched as an elevated process, if so any tips on how i might do this?
    Monday, October 19, 2009 1:58 PM

Answers

  • Hmmm... not sure if this works. (I don't have any way to check it at the moment), but could you try this code?

    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.Linq;
    using System.Runtime.InteropServices;
    using System.Text;

    namespace ConsoleApplication57
    {
        enum TokenInformation
        {
            TokenUser = 1,
            TokenGroups =2,
            TokenPrivileges=3,
            TokenOwner=4,
            TokenPrimaryGroup=5,
            TokenDefaultDacl=6,
            TokenSource=7,
            TokenType=8,
            TokenImpersonationLevel=9,
            TokenStatistics=10,
            TokenRestrictedSids=11,
            TokenSessionId=12,
            TokenGroupsAndPrivileges=13,
            TokenSessionReference=14,
            TokenSandBoxInert=15,
            TokenAuditPolicy=16,
            TokenOrigin=17,
            TokenElevationType=18,
            TokenLinkedToken=19,
            TokenElevation=20,
            TokenHasRestrictions=21,
            TokenAccessInformation=22,
            TokenVirtualizationAllowed=23,
            TokenVirtualizationEnabled=24,
            TokenIntegrityLevel=25,
            TokenUiAccess=26,
            TokenMandatoryPolicy=27,
            TokenLogonSid=28,
            MaxTokenInfoClass=29
        }

        public enum TokenElevationType  {
          TokenElevationTypeDefault= 1,
          TokenElevationTypeFull=2,
          TokenElevationTypeLimited=3 
        }

        class Program
        {
            [DllImport("Advapi32.dll")]
            public static extern bool OpenProcessToken(IntPtr processHandle, int desiredAccess, out IntPtr tokenHandle);

            [DllImport("Advapi32.dll")]
            public static extern bool GetTokenInformation(IntPtr tokenHandle, TokenInformation info, ref IntPtr tokenInformation, int tokenInformationLength, out uint returnLength);


            public const int TOKEN_QUERY = 0x00000008;

            static void Main(string[] args)
            {
                Console.WriteLine(CurrentElevation);
            }

            static TokenElevationType CurrentElevation
            {
                get
                {
                    IntPtr procHandle = Process.GetCurrentProcess().Handle;
                    IntPtr tokenHandle = IntPtr.Zero;

                    OpenProcessToken(procHandle, TOKEN_QUERY, out tokenHandle);

                    uint returnLength;

                    IntPtr tokenInformation = Marshal.AllocHGlobal(0);

                    int size = Marshal.SizeOf(Enum.GetUnderlyingType(typeof (TokenInformation)));

                    bool success = GetTokenInformation(tokenHandle, TokenInformation.TokenElevationType, ref tokenInformation, size,
                                       out returnLength);
                    if (success)
                    {
                        return (TokenElevationType)(int)tokenInformation;
                    }

                    throw new Exception("Error returning the token information");
                }
            }
        }
    }


    Coding Light - Illuminated Ideas and Algorithms in Software
    Coding Light WikiLinkedInForumsBrowser
    • Marked as answer by Nitro52 Wednesday, October 21, 2009 5:37 AM
    Monday, October 19, 2009 2:50 PM
    Moderator

All replies

  • Elevated and Administrator are two separate things, but I believe you already know that.  One deals with the level at which the process is running, and the other deals with the account under which the process runs, and it's associated privileges. 

    There's some libraries that can help with this.  Check out the following link for a starting point:

    http://uachelpers.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=29976
    Coding Light - Illuminated Ideas and Algorithms in Software
    Coding Light WikiLinkedInForumsBrowser
    Monday, October 19, 2009 2:01 PM
    Moderator
  • Its not managed code but check out: Riding the Vista UAC elevator, up and down

    William Wegerson (www.OmegaCoder.Com)
    Monday, October 19, 2009 2:13 PM
    Moderator
  • Hmmm... not sure if this works. (I don't have any way to check it at the moment), but could you try this code?

    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.Linq;
    using System.Runtime.InteropServices;
    using System.Text;

    namespace ConsoleApplication57
    {
        enum TokenInformation
        {
            TokenUser = 1,
            TokenGroups =2,
            TokenPrivileges=3,
            TokenOwner=4,
            TokenPrimaryGroup=5,
            TokenDefaultDacl=6,
            TokenSource=7,
            TokenType=8,
            TokenImpersonationLevel=9,
            TokenStatistics=10,
            TokenRestrictedSids=11,
            TokenSessionId=12,
            TokenGroupsAndPrivileges=13,
            TokenSessionReference=14,
            TokenSandBoxInert=15,
            TokenAuditPolicy=16,
            TokenOrigin=17,
            TokenElevationType=18,
            TokenLinkedToken=19,
            TokenElevation=20,
            TokenHasRestrictions=21,
            TokenAccessInformation=22,
            TokenVirtualizationAllowed=23,
            TokenVirtualizationEnabled=24,
            TokenIntegrityLevel=25,
            TokenUiAccess=26,
            TokenMandatoryPolicy=27,
            TokenLogonSid=28,
            MaxTokenInfoClass=29
        }

        public enum TokenElevationType  {
          TokenElevationTypeDefault= 1,
          TokenElevationTypeFull=2,
          TokenElevationTypeLimited=3 
        }

        class Program
        {
            [DllImport("Advapi32.dll")]
            public static extern bool OpenProcessToken(IntPtr processHandle, int desiredAccess, out IntPtr tokenHandle);

            [DllImport("Advapi32.dll")]
            public static extern bool GetTokenInformation(IntPtr tokenHandle, TokenInformation info, ref IntPtr tokenInformation, int tokenInformationLength, out uint returnLength);


            public const int TOKEN_QUERY = 0x00000008;

            static void Main(string[] args)
            {
                Console.WriteLine(CurrentElevation);
            }

            static TokenElevationType CurrentElevation
            {
                get
                {
                    IntPtr procHandle = Process.GetCurrentProcess().Handle;
                    IntPtr tokenHandle = IntPtr.Zero;

                    OpenProcessToken(procHandle, TOKEN_QUERY, out tokenHandle);

                    uint returnLength;

                    IntPtr tokenInformation = Marshal.AllocHGlobal(0);

                    int size = Marshal.SizeOf(Enum.GetUnderlyingType(typeof (TokenInformation)));

                    bool success = GetTokenInformation(tokenHandle, TokenInformation.TokenElevationType, ref tokenInformation, size,
                                       out returnLength);
                    if (success)
                    {
                        return (TokenElevationType)(int)tokenInformation;
                    }

                    throw new Exception("Error returning the token information");
                }
            }
        }
    }


    Coding Light - Illuminated Ideas and Algorithms in Software
    Coding Light WikiLinkedInForumsBrowser
    • Marked as answer by Nitro52 Wednesday, October 21, 2009 5:37 AM
    Monday, October 19, 2009 2:50 PM
    Moderator
  • Works on my box...reports default which it should because I have set it at minimal.
    William Wegerson (www.OmegaCoder.Com)
    Monday, October 19, 2009 4:43 PM
    Moderator
  • Thanks that code worked like a dream. At least on windows 7 it did. I havn't tested it on vista and xp yet (despite the fact that xp dosn't have UAC).
    Wednesday, October 21, 2009 5:39 AM