elevated-privileges

问题 Both system() and execve() can be used to execute another command inside a program. Why in set-UID programs, system() is dangerous, while execve() is safe ? 回答1: system will call the shell (sh) to execute the command sent as an argument. The problem with system because the shell behavior depends on the user who run the command. A small example: Creating a file test.c : #include <stdio.h> int main(void) { if (system ("ls") != 0) printf("Error!"); return 0; } Then: $ gcc test.c -o test $ sudo

问题 I have an application that would check for updates upon start and, if updates are found, it would copy some files over the network to the program files folder. Obviously such task can't be performed by Standard Users under normal scenarios. I tried creating a service to do the update process but I had some security issues and I asked this question about it in superusers. Now, considering the fact that most applications require elevated privileges to perform such task I think that might be the

问题 I am writing an installer in Java that will accordingly require elevated privileges to access the Program Files directory. Based on information that I've found online, I've written an implementation as follows: public static void main(String args[]) { if (!checkPrivileges()) { // spawn a copy w/ elevated privileges Runtime runtime = Runtime.getRuntime(); try { Process p = runtime.exec( "runas /profile /user:Administrator \"java -cp . main.Main\""); } catch (IOException e) { ... } } else { //

问题 I have some utility methods that uses Microsoft.Web.Administration.ServerManager that I've been having some issues with. Use the following dead simple code for illustration purposes. using(var mgr = new ServerManager()) { foreach(var site in mgr.Sites) { Console.WriteLine(site.Name); } } If I put that code directly in a console application and run it, it will get and list the IIS express websites. If I run that app from an elevated command prompt, it will list the IIS7 websites. A little

问题 I am writing a Windows batch file that automatically escalates itself to administrative permissions, provided the user clicks "Yes" on the User Access Control dialog that appears. I am using a technique I learned here to detect whether we already have admin rights and another from here to escalate. When appropriate, the following script, let's call it foo.bat , re-launches itself via a powershell-mediated call to runas : @echo off net session >NUL 2>NUL if %ERRORLEVEL% NEQ 0 ( powershell

问题 For my C# app, I don't want to always prompt for elevation on application start, but if they choose an output path that is UAC protected then I need to request elevation. So, how do I check if a path is UAC protected and then how do I request elevation mid-execution? 回答1: The best way to detect if they are unable to perform an action is to attempt it and catch the UnauthorizedAccessException . However as @DannySmurf correctly points out you can only elevate a COM object or separate process.

问题 Inno Setup installer has the PrivilegesRequired directive that can be used to control, if privileges elevation is required, when installer is starting. I want my installer to work even for non-admin users (no problem about installing my app to user folder, instead of the Program Files ). So I set the PrivilegesRequired to none (undocumented value). This makes UAC prompt popup for admin users only, so they can install even to the Program Files . No UAC prompt for non-admin users, so even them

问题 I am writing an electron app that I need to run with admin access (like sudo).I haven't created any installer for that app. I know that I can write sudo electron . in linux to start my app as root but what about windows? Is there any similar command? 回答1: You can open Command Prompt as Administrator and then run the app via electron . 来源： https://stackoverflow.com/questions/45448049/run-electron-app-as-admin-windows

问题 Ok, I understand the concept of creating encrypted credentials and storing it in the powershell script Powershell how to encrypt connectionstring to database But how do I make the powershell script run with elevated credentials when it is being automatically invoked by a third party program? Below is the code that works beautifully when I manually use "run-as", and I get the last user logged on $userID=$NULL $line_array = @() $multi_array = @() [hashtable]$my_hash = @{} foreach ($i in $args){

问题 Given that the web application doesn't have su privileges, I'd like to execute a shell script that requires sudo. I'd also like to avoid having the user input the password. What are my options? This is basically what I'm trying to do. Wicket Application (Form for changing the IP) @Override protected void onSubmit() { System.out.println("Submitted"); try { Shell.updateIp("eth0", "192.168.217.129"); } catch (IOException e) { e.printStackTrace(); } } Shell.java public static void updateIp(String