Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Possible to use Impersonation when launching a non-exe process in C#?

I need to be able to run a process as a different user, and I've found plenty of resources and different methods to do this. The problem is, I need to run a non-exe process, e.g. a path with html extension, or in my case, "http://somewebserver/someApp.application".

There's a known problem in which launched processes don't inherit impersonation contexts from their launcher, and there's also a known problem in which processes launched under different credentials need to be executable files (.exe).

But how would I launch a .application file (for example) as a different user?

(I've tried all sorts of combinations of p/invoking CreateProcessWithLoginW, setting user/password credentials in ProcessStartInfo, etc. Each face the same limitations mentioned above.)

like image 605
vargonian Avatar asked Feb 08 '10 23:02

vargonian


1 Answers

When launching a non-exe, it's actually just the shell looking up the exe to use for the file or URL. There's still an exe involved.

Since the shell is already running, it's not going to inherit your impersonation. You could look up the exe yourself in the registry and then call CreateProcessWithLoginW, essentially simulating what the shell is doing for you.

For example, to open a .txt file, look in "HKEY_CLASSES_ROOT\.txt". There you'll see the type is "txtfile." Then look up "HKEY_CLASSES_ROOT\txtfile\shell\open\command" and you'll see what exe file the shell will use, which is (normally) "%SystemRoot%\system32\NOTEPAD.EXE %1".

like image 164
Adam Ruth Avatar answered Oct 07 '22 14:10

Adam Ruth