Vista UAC privelege elevation
No doubt everyone has already seen UAC in action, and the privilege elevation prompt - the one that grays out the whole screen and asks whether user wants to continue with the operation that requested such elevation.
Well, just be aware that legacy means for launching external processes within your application no longer work (well they do work, if new process does not require higher privileges). For example, CreateProcess will return a new error code ERROR_ELEVATION_REQUIRED, if the external process application is trying to launch requires higher privileges.
According to Microsoft, we must now use ShellExecuteEx (or ShellExecute), with lpVerb = "open". This will correctly prompt user with the new Vista elevation UI.
Here's a link to Vista compatibility team blog talking about this: http://blogs.msdn.com/vistacompatteam/archive/2006/10/02/Elevation-and-process-creation-APIs.aspx
Note:My comment about using lpVerb = "open" relates to the fact that "open" is the default verb and is normally used to launch .exe files. According to the blog, you can also use a "runas" verb, to force privilege elevation regardless of the .exe manifest, but I personally wouldn't do that unless it was absolutely necessary - we should let target process determine (via manifest) whether it needs special privileges or not.
No comments:
Post a Comment