
How to check if a process has the administrative rights

Tags: c++, winapi

How do I properly check if a process is running with administrative rights?

I checked the IsUserAnAdmin function in MSDN, but it is not recommended as it might be altered or unavailable in subsequent versions of Windows. Instead, it is recommended to use the CheckTokenMembership function.

Then I looked at the alternate example in MSDN from a description of the CheckTokenMembership function. However, there is Stefan Ozminski's comment in MSDN that mentions that this example does not work properly in Windows Vista if UAC is disabled.

Finally I tried to use Stefan Ozminski's code from MSDN, but it determines that the process has administrative rights even if I launch it under an ordinary user without the administrative rights in Windows 7.

Vitaly asked Nov 08 '11 04:11




2 Answers

This will tell you if you are running with elevated privileges or not. You can set the manifest to run with most possible if you want it to prompt. There are also other ways to ask Windows through code for alternate credentials.

    #include <windows.h>

    // Returns TRUE if the current process token is elevated.
    BOOL IsElevated( ) {
        BOOL fRet = FALSE;
        HANDLE hToken = NULL;
        if( OpenProcessToken( GetCurrentProcess( ), TOKEN_QUERY, &hToken ) ) {
            TOKEN_ELEVATION Elevation;
            DWORD cbSize = sizeof( TOKEN_ELEVATION );
            if( GetTokenInformation( hToken, TokenElevation, &Elevation, sizeof( Elevation ), &cbSize ) ) {
                fRet = Elevation.TokenIsElevated;
            }
        }
        if( hToken ) {
            CloseHandle( hToken );
        }
        return fRet;
    }
Beached answered Oct 06 '22 09:10
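The question mixes two separate facts, elevation and membership in the Administrators group. The following added example (not from either answer or from MSDN) goes beyond the answer's TokenElevation check by reading TokenElevationType and calling CheckTokenMembership, then classifying the pair. The names TokenFacts, Privilege, Classify and QueryCurrentProcess are hypothetical.

```cpp
#include <cstdio>
#ifdef _WIN32
#include <windows.h>   // link with advapi32
#endif

enum class Privilege { Standard, FilteredCanElevate, ElevatedAdmin, ElevatedNonAdmin, AdminNoSplitToken };

struct TokenFacts {
    int  elevationType;    // TOKEN_ELEVATION_TYPE: 1 = Default, 2 = Full, 3 = Limited
    bool adminSidEnabled;  // CheckTokenMembership result for the built-in Administrators SID
};

// Interpretation step: neither fact alone identifies the case, only the pair does.
Privilege Classify(const TokenFacts& t) {
    switch (t.elevationType) {
    case 3:  return Privilege::FilteredCanElevate;  // UAC-filtered token; a linked full token exists
    case 2:  return t.adminSidEnabled ? Privilege::ElevatedAdmin : Privilege::ElevatedNonAdmin;
    default: // no split token: UAC off, built-in Administrator, a service, or a plain user
        return t.adminSidEnabled ? Privilege::AdminNoSplitToken : Privilege::Standard;
    }
}

#ifdef _WIN32
// Collects both facts for the current process; returns false if any call fails.
bool QueryCurrentProcess(TokenFacts& out) {
    HANDLE tok = NULL;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tok)) return false;
    TOKEN_ELEVATION_TYPE type = TokenElevationTypeDefault;
    DWORD cb = 0;
    BOOL ok = GetTokenInformation(tok, TokenElevationType, &type, sizeof(type), &cb);
    CloseHandle(tok);
    BYTE sid[SECURITY_MAX_SID_SIZE];
    DWORD sidLen = sizeof(sid);
    BOOL member = FALSE;  // TRUE only if the SID is present and enabled, not deny-only
    ok = ok && CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, sid, &sidLen)
            && CheckTokenMembership(NULL, sid, &member);  // NULL = caller's own token
    out.elevationType = static_cast<int>(type);
    out.adminSidEnabled = (member != FALSE);
    return ok != FALSE;
}
#endif

int main() {
    TokenFacts facts = {1, false};  // constructed sample, used when not built on Windows
#ifdef _WIN32
    if (!QueryCurrentProcess(facts)) return 1;
#endif
    std::printf("classification = %d\n", static_cast<int>(Classify(facts)));
    return 0;
}
```

The Default-type branch is the UAC-disabled situation raised in the question: there is no split token to report, so group membership is the only signal left.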


You can use LsaOpenPolicy() function. The LsaOpenPolicy function opens a handle to the Policy object on a local or remote system.

You must run the process "As Administrator" so that the call doesn't fail with ERROR_ACCESS_DENIED.

Source: MSDN

J.Doe answered Oct 06 '22 10:10