Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Run a program as user identity but with elevated privileges

Scenario:

An administrator will install the application. The application has some kernel level operations so, it has to run with privileged mode. But the user does not have administrator credentials to run the application in elevated mode.

So, what are the best possibility to solve the above scenario.

Solution one (tried): While installing the application through administrator, we would create an admin where we know his user name and password. So, when the user tries to perform any operation, we will run the application as elevated mode using the functions processstartinfo() and process.start() in c#. But, the application runs in admin name, so the mapped drives for the user are not visible as this admin is not in the ACL list. So, this method is getting ruled out.

Can there be a solution where elevating the user it self as admin till the operation is completed using c# application?

I'm stuck and I don't find any articles to read upon on this.

Edit : At an enterprise level, the windows doesn't ask for admin creds for using bitlocker. So, we want to achieve the same type of functionality.

Is it possible?

Can anyone please help?

Thank you.

like image 369
Susarla Nikhilesh Avatar asked Dec 31 '18 06:12

Susarla Nikhilesh


1 Answers

The solution that I did was to separate the program into two parts. One part runs as a service that is run using admin privileges and the other part runs using normal privileges. The communication between the two programs can run via Ethernet or using shared memory.

like image 180
Joe Sonderegger Avatar answered Nov 11 '22 18:11

Joe Sonderegger