UIPI problem.

  • Question

  • Hello,

    I have a standard manifest (asInvoker) application that is interacting with Windows Explorer (WM_DROPFILES), and that is working fine when the shell and my application share the same UIPI.
    When running in a standard account, if my application is launched with elevated rights, due to UIPI it no longer receives the WM_DROPFILES message from the shell.

    Is there any chance to still have my application started as Administrator and receiving the WM_DROPFILES message, knowing that the application is at a higher privilege level than the shell?

    The actual solution is restarting the application when the administrative tasks are done (CreateProcessAsUser).


    Dev s r'us
    • Edited by Codu Friday, October 16, 2009 4:32 PM appending info
    Friday, October 16, 2009 9:00 AM

Answers

  • You can call ChangeWindowMessageFilterEx to enable WM_DROPFILES, but the drag-drop process requires bi-directional messaging and may be using undocumented messages for inter-process COM marshalling. I am not sure how many messages you should enable for drag and drop to work, and how long it takes other Trojan writers to exploit the hole.

    I suggest you let the user copy the files to clipboard and paste in your program, or add your program to the send to context menu in Explorer instead.


    Visual C++ MVP
    • Marked as answer by Codu Saturday, October 17, 2009 12:16 AM
    Friday, October 16, 2009 10:50 PM
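
Added example (not part of the original thread and not the answerer's code): with the copy-and-paste alternative suggested above, an elevated program receives the file list as a CF_HDROP clipboard blob written by a lower-privileged process. This portable C code bounds-checks the documented DROPFILES layout rather than trusting it; `hdrop_index`, `rd32` and `SAMPLE` are hypothetical names, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DROPFILES header: DWORD pFiles; POINT pt; BOOL fNC; BOOL fWide (20 bytes). */
#define DROPFILES_HDR 20u

/* Constructed sample: wide-character list holding "C:\a" and "D:\b". */
static const uint8_t SAMPLE[] =
    "\x14\0\0\0" "\0\0\0\0" "\0\0\0\0" "\0\0\0\0" "\x01\0\0\0"
    "C\0:\0\\\0a\0\0\0" "D\0:\0\\\0b\0\0\0" "\0";

static uint32_t rd32(const uint8_t *p)   /* little-endian DWORD */
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Returns the number of paths in the blob, or -1 if it is malformed.
 * The byte offset of each path (first `max` only) is stored in offs. */
int hdrop_index(const uint8_t *buf, size_t len, size_t *offs, int max)
{
    if (len < DROPFILES_HDR) return -1;
    size_t i = rd32(buf);                   /* pFiles: offset of the list */
    size_t cw = rd32(buf + 16) ? 2 : 1;     /* fWide: UTF-16LE or ANSI */
    if (i < DROPFILES_HDR || i >= len) return -1;
    int count = 0;
    for (;;) {
        size_t start = i;
        for (;;) {                          /* scan to this string's NUL */
            if (len - i < cw) return -1;    /* terminator missing in blob */
            unsigned ch = cw == 2 ? (buf[i] | buf[i + 1] << 8) : buf[i];
            i += cw;
            if (ch == 0) break;
        }
        if (i - start == cw) return count;  /* empty string ends the list */
        if (count < max) offs[count] = start;
        count++;
    }
}

int main(void)
{
    size_t offs[8];
    int n = hdrop_index(SAMPLE, sizeof SAMPLE, offs, 8);
    printf("paths=%d first at offset %zu\n", n, n > 0 ? offs[0] : 0);
    return 0;
}
```

On Windows the same list is normally read with DragQueryFileW on the handle returned by GetClipboardData(CF_HDROP); the parser above only shows the layout and the checks it needs.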

All replies

  • ChangeWindowMessageFilter(Ex) didn't change much ... that was the first shot, thinking of a hidden mechanism activation and not just enabling a message. Then I thought impersonating with the shell's token would lower the main thread privilege, just like the regular launch as standard user, and thus joining the standard user isolation. This actually happens, my thread is no longer an administrator thread, but the isolation is still there.
    I asked because I thought that maybe there is an API function that I was missing.

    Thank you Sheng.
    Dev s r'us
    Saturday, October 17, 2009 12:13 AM