Hi,
How do I ask for escalation from within a program?
I'm developing a standalone program that can also act as a 'plugin' to
another application. The way the other app was designed, it scans a
plugin folder in its "program files" folder for settings documents
which contain all the settings it needs to know to call the plug-in
apps.
The problem, of course, is permissions. Under vista, even the
administrator accounts are prevented from writing to the folder
without escalation.
So I how do I request escalation so that my program can save the
settings file to its plugin folder? right now it just throws an
exception 'access denied'. I'd be happy if I could get the 'The
program is trying to access a protected folder..." type of message
that they could just accept. After all, it only normally needs to be
done once.
As it stands now, it works if they launch the software using the 'run
as administrator', but I'd prefer it to ask on that one function
instead, if its not a buttload of work.
thanks in advance for any suggestions or advice,
-Dave
12  2169 
"d-42" <db********@gma il.comwrote in message
news:d9******** *************** ***********@k36 g2000pri.google groups.com...
Hi,
How do I ask for escalation from within a program?
I'm developing a standalone program that can also act as a 'plugin' to
another application. The way the other app was designed, it scans a
plugin folder in its "program files" folder for settings documents
which contain all the settings it needs to know to call the plug-in
apps.
The problem, of course, is permissions. Under vista, even the
administrator accounts are prevented from writing to the folder
without escalation.
So I how do I request escalation so that my program can save the
settings file to its plugin folder? right now it just throws an
exception 'access denied'. I'd be happy if I could get the 'The
program is trying to access a protected folder..." type of message
that they could just accept. After all, it only normally needs to be
done once.
As it stands now, it works if they launch the software using the 'run
as administrator', but I'd prefer it to ask on that one function
instead, if its not a buttload of work.
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
On Jul 28, 8:56*pm, "Mr. Arnold" <MR. Arn...@Arnold.c omwrote:
"d-42" <db.pors...@gma il.comwrote in message
news:d9******** *************** ***********@k36 g2000pri.google groups.com...
Hi,
How do I ask for escalation from within a program?
I'm developing a standalone program that can also act as a 'plugin' to
another application. The way the other app was designed, it scans a
plugin folder in its "program files" folder for settings documents
which contain all the settings it needs to know to call the plug-in
apps.
The problem, of course, is permissions. Under vista, even the
administrator accounts are prevented from writing to the folder
without escalation.
So I how do I request escalation so that my program can save the
settings file to its plugin folder? right now it just throws an
exception 'access denied'. I'd be happy if I could get the 'The
program is trying to access a protected folder..." type of message
that they could just accept. After all, it only normally needs to be
done once.
As it stands now, it works if they launch the software using the 'run
as administrator', but I'd prefer it to ask on that one function
instead, if its not a buttload of work.
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
-regards,
Dave
"d-42" <db********@gma il.comwrote in message
news:3c******** *************** ***********@x29 g2000prd.google groups.com...
On Jul 28, 8:56 pm, "Mr. Arnold" <MR. Arn...@Arnold.c omwrote:
"d-42" <db.pors...@gma il.comwrote in message
news:d9******** *************** ***********@k36 g2000pri.google groups.com...
Hi,
How do I ask for escalation from within a program?
I'm developing a standalone program that can also act as a 'plugin' to
another application. The way the other app was designed, it scans a
plugin folder in its "program files" folder for settings documents
which contain all the settings it needs to know to call the plug-in
apps.
The problem, of course, is permissions. Under vista, even the
administrator accounts are prevented from writing to the folder
without escalation.
So I how do I request escalation so that my program can save the
settings file to its plugin folder? right now it just throws an
exception 'access denied'. I'd be happy if I could get the 'The
program is trying to access a protected folder..." type of message
that they could just accept. After all, it only normally needs to be
done once.
As it stands now, it works if they launch the software using the 'run
as administrator', but I'd prefer it to ask on that one function
instead, if its not a buttload of work.
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
<http://news.softpedia. com/news/Admin-Approval-Mode-in-Windows-Vista-45312.shtml>
<http://www.computerper formance.co.uk/vista/vista_administr ator_activate.h tm#Summary_of_V ista_Administra tor_-_Super_User_(Hi dden_Account)>
<http://www.codeproject .com/KB/vista-security/MakingAppsUACAw are.aspx>
How do I ask for escalation from within a program?
>>
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
Same problem here. I'm trying to write an auto updater that (obviously)
needs to write to the "program files" folder. When I set the manifest's
requestedExecut ionLevel to requireAdminist rator the application can
write there, but with the massive drawback that the user is prompted to
allow the application as soon as it starts.
What I need is that the program only asks for elevation when needed -
that is, if, and only if, it needs to write to "program files".
Any idea how to accomplish that?
(Didn't find any clue in the links provided)
Markus
Markus Mayer schrieb:
>>>How do I ask for escalation from within a program?
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
What I need is that the program only asks for elevation when needed -
that is, if, and only if, it needs to write to "program files".
Any idea how to accomplish that?
(Didn't find any clue in the links provided)
Hm. I obviously missed the part saying "This is the only time
applications can do this as applications cannot change their level later
and decide to elevate once running".
Doesn't solve the problem, though. What's the magic of these "shield"
buttons? Do they simply call an executable with a "run as administrator"
constraint?
Markus
On Jul 30, 3:30*am, Markus Mayer
<_nospam_usenet _nospam_@_nospa m_defx_nospam_. dewrote:
Markus Mayer schrieb:
>>How do I ask for escalation from within a program?
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
What I need is that the program only asks for elevation when needed -
that is, if, and only if, it needs to write to "program files".
Any idea how to accomplish that?
(Didn't find any clue in the links provided)
Hm. I obviously missed the part saying "This is the only time
applications can do this as applications cannot change their level later
and decide to elevate once running".
Doesn't solve the problem, though. What's the magic of these "shield"
buttons? Do they simply call an executable with a "run as administrator"
constraint?
Markus
Based on what I (we have both) read at the codeproject article, it
looks like the process has to be terminated and restarted to get
higher priv's... so I suppose instead of a separate executable, the
menu-item could call the same executable with a 'run as administrator'
and a suitable command line parameter to invoke the feature.
But that's still bloody ugly in my case, since it means the entire
state of the app has to be persisted and restored, to make it
"seamless". For my situation, having it spawn a separate escalated
process to install the plugin file, seems to be the best solution. For
your situation i'd speculate that since you are doing an upgrade, a
terminate and restart as a administrator with command line option to
perform the upgrade is probably acceptable.
cheers,
Dave
On Jul 30, 3:30*am, Markus Mayer
<_nospam_usenet _nospam_@_nospa m_defx_nospam_. dewrote:
Markus Mayer schrieb:
>>How do I ask for escalation from within a program?
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
What I need is that the program only asks for elevation when needed -
that is, if, and only if, it needs to write to "program files".
Any idea how to accomplish that?
(Didn't find any clue in the links provided)
Hm. I obviously missed the part saying "This is the only time
applications can do this as applications cannot change their level later
and decide to elevate once running".
Doesn't solve the problem, though. What's the magic of these "shield"
buttons? Do they simply call an executable with a "run as administrator"
constraint?
Markus
In follow up I also found this article which is quite informative, and
really, more applicable than the other links we got: http://www.codeproject.com/KB/vista-...Elevation.aspx
cheers,
Dave
"d-42" <db********@gma il.comwrote in message
news:eb******** *************** ***********@k36 g2000pri.google groups.com...
On Jul 30, 3:30 am, Markus Mayer
<_nospam_usenet _nospam_@_nospa m_defx_nospam_. dewrote:
Markus Mayer schrieb:
>>How do I ask for escalation from within a program?
Your program would use the Vista UAC manifest to provide the needed
credentials during program runtime, look it up use Google.
But I don't want the entire program need escalation, just the one
rarely used feature. I take it that's not possible? That I have to
spin-off the feature into its own executable, and provide a separate
manifest requiring escalation for that?
What I need is that the program only asks for elevation when needed -
that is, if, and only if, it needs to write to "program files".
Any idea how to accomplish that?
(Didn't find any clue in the links provided)
Hm. I obviously missed the part saying "This is the only time
applications can do this as applications cannot change their level later
and decide to elevate once running".
Doesn't solve the problem, though. What's the magic of these "shield"
buttons? Do they simply call an executable with a "run as administrator"
constraint?
Markus
In follow up I also found this article which is quite informative, and
really, more applicable than the other links we got: http://www.codeproject.com/KB/vista-...Elevation.aspx
Why go through all that? It's free. http://www.tweak-uac.com/what-is-tweak-uac/
On Jul 30, 3:05*pm, "Mr. Arnold" <MR. Arn...@Arnold.c omwrote:
"d-42" <db.pors...@gma il.comwrote in message
Why go through all that? It's free.
http://www.tweak-uac.com/what-is-tweak-uac/
So lets just tell our customers turn off all Vista's security and just
run as administrator? How can you possibly think that to be an
intelligent solution?
Not only will enterprises reject that option, and as a result, reject
our software outright (as they should), but we will perpetuate the
situation that has caused XP to become the malware cesspool it is.
Thanks, but no thanks. I want my software to run within Vista's least
privileged security model, escalate when absolutely needed, and be
accepted by customers and end users.
I look forward to the day when the suggestion to just 'run as
administrator and disable all the security to run our software' is as
laughable on Windows as it is on Linux, OSX, BSD, Solaris, AIX, and
any other respectable OS out there. Its sad that it hasn't reached
that point already.
-cheers,
Dave This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: xixi |
last post by:
hi, we are using db2 udb v8.1 on 64 bit windows, this message is in
the db2diag.log file
ADM5502W The escalation of "38200" locks on table "xxx.xxx" to lock
intent "X" was successful.
currently i have locklist = 1075, maxlock=60, so based on the formula
(((locks held * 36)/ (locklist *4096)) *100) , i have the answer is
|
by: Jane |
last post by:
Our db2diag.log is full of messages like this:
2004-05-31-17.15.10.383766 Instance:tminst1 Node:000
PID:394948(db2agent (TMDB1) 0) TID:1 Appid:GA140956.EF26.03A4B1202647
data management sqldEscalateLocks Probe:3 Database:TMDB1
ADM5502W The escalation of "4759" locks on table "I2TM .SHPM_T" to lock
intent "S" was successful.
The message is always about Shared locks. What can I do to eliminate these errors?
|
by: Trent |
last post by:
Hello, all.
I have the following production DB2 environment.
DB2 8.1.4 (fp4) WG edition with 2 production databases on Windows 2003
standard edition.
My first question is regard with locking. I found some escalations for
X lock on some tables. How do I work out an appropriate MAXLOCK &
LOCKTIMEOUT settings to optimize the lock escalation issue.
|
by: kavallin |
last post by:
I receives the following in the db2diag.log file many times / day :
2007-03-05-14.55.24.836553+060 E12415C457 LEVEL: Warning
PID : 2785 TID : 1 PROC : db2agent
(dbname)
INSTANCE: db2inst1 NODE : 000 DB : dbname
APPHDL : 0-946 APPID: *LOCAL.db2inst1.070305135434
FUNCTION: DB2 UDB, data management, sqldEscalateLocks, probe:3
MESSAGE : ADM5502W The escalation of...
|
by: Keith Patrick |
last post by:
My apologies if this shows up twice. I've given it 24 hours, but Windows
Mail has issues posting stuff, which makes things even more fun because of
the number of Vista issues I'm having:
I have to launch the User Accounts applet with admin credentials (long story
short, UAC on my machine got corrupted and is not allowing me to enter admin
credentials, so I am completely locked out of admin account...oh, yeah,
Microsoft's own USB F-Lock...
| | |
by: Viviana Vc |
last post by:
Hi all,
I've read the WindowsVistaUACDevReqs.doc documentation and I have done
different small tests on Vista to understand the bahaviour and now I
have a few questions.
1) If I create a dummy console application that creates a file in
Program Files directory, this one will succeed and will create the file
b/c of the virtualization.
But, if I do the following call in a console window (a.exe contains just
|
by: cburnett |
last post by:
Have a peculiar problem regarding lock escalation. Originally lock escalation was occurring because of an application changing most of the rows in a large table. After setting locksize to table to overcome this, still seeing periodic lock escalations (every hour or so) but only of abour 20 rows and for one application at a time. Given a 100MB lock list, why is escalation kicking in and only escalation about 2K of locks? MAXLOCKS would also...
|
by: Jack Russell |
last post by:
Is there some way I can "debug as administrator" in the same way I can
run as administrator?
Thanks
Jack Russell
|
by: Cupric |
last post by:
I have a python script that runs fine from the command line or from
within IDLE, but doesn't work through the Vista Task Scheduler.
The script downloads some csv files and then uses pywin32 to combine
the csv files into a single document. When I run it through the task
scheduler, it downloads the csv files, but then doesn't seem to launch
excel. I can't figure out what is wrong or how to add enough logging
to tell.
I'm using Python...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
