Best IT Recipes

How to UAC raise a COM component using .NET

I found an article on how to raise a COM object written in C ++ by calling CoCreateInstanceAsAdmin . But what I could not find or do was a way to implement the component of my .NET application (C #) as a COM object, and then call this object to perform tasks that require a higher UAC. MSDN documents this as an administrative COM model of an object .

I know that it is possible and quite simple to run an application (or another application) as an administrator to perform tasks in a separate process (see, for example, a message from Daniel Moth , but what I'm looking for is a way to do everything from one and of the same outstanding .NET executable. This, of course, will call the COM object into a new process, but thanks to transparent sorting, the calling .NET COM object should not (too much) know about it.

Any ideas on how I can create a COM object written in C # from a C # project, through the CoCreateInstanceAsAdmin API, will be very helpful. Therefore, I am really interested in learning how to write a COM object in C #, which I can then call from C # through the COM-level APIs.

Do not pay attention if the elevated COM object does not start in the same process. I just don't want to run the whole application elevated; I would just like the COM object that will execute the code to be promoted. If I could write something line by line:

 // in a dedicated assembly, marked with the following attributes: [assembly: ComVisible (true)] [assembly: Guid ("....")] public class ElevatedClass { public void X() { /* do something */ } }

and then my main application just initiates an ElevatedClass through a call to CoCreateInstanceAsAdmin . But maybe I'm just dreaming.

+14
c # uac com elevation
Sep 24 '08 at 13:13
source share
3 answers

See Sample Code for Windows Vista UAC Demo

(You will also need Vista Bridge for the UnsafeNativeMethods.CoGetObject method)

What gives you C # code that shows several different ways to raise, including a COM object

(Incomplete sample code - grab the files above)

 [return: MarshalAs(UnmanagedType.Interface)] static internal object LaunchElevatedCOMObject(Guid Clsid, Guid InterfaceID) { string CLSID = Clsid.ToString("B"); // B formatting directive: returns {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} string monikerName = "Elevation:Administrator!new:" + CLSID; NativeMethods.BIND_OPTS3 bo = new NativeMethods.BIND_OPTS3(); bo.cbStruct = (uint)Marshal.SizeOf(bo); bo.hwnd = IntPtr.Zero; bo.dwClassContext = (int)NativeMethods.CLSCTX.CLSCTX_ALL; object retVal = UnsafeNativeMethods.CoGetObject(monikerName, ref bo, InterfaceID); return (retVal); }
+8
Nov 22 '08 at 21:52
source share

Elevation elements are processes. So, if I understand your question correctly and you need a way to raise a COM object into your process, then you cannot answer. The whole point of CoCreateInstanceAsAdmin is NOT to run it in your process.

+2
Sep 24 '08 at 15:00
source share

I think the only way CoCreateInstanceAsAdmin works is that you have registered the COM component in advance. This can be a problem if you plan to use the application in your XCopy setup.

For my own purposes in Gallio, I decided to create a small hosting process on the side with a manifest requiring administrator privileges. Then, when I need to perform an enhanced action, I deploy an instance of the hosting process and instruct it through .Net to execute a specific command registered in the Gallio Inversion of Control container.

This is fair work, but Gallio already had a way out of the hosting process, so adding height to the mix was not too difficult. Moreover, this mechanism ensures that Gallio can perform privilege escalation without having to install any other COM components in the registry first.

+2
May 26 '09 at 21:00
source share


More articles:


All Articles