3
是否可以禁用以管理員身份運行的應用程序,以允許其僅以本地用戶身份運行。如何強制某個應用程序不能以管理員身份運行
是否可以禁用以管理員身份運行的應用程序,以允許其僅以本地用戶身份運行。如何強制某個應用程序不能以管理員身份運行
我不認爲你可以阻止以管理員身份啓動進程;但是,您可以檢查它是否正在使用提升的特權執行,如果是這種情況,請退出。
static bool IsRunningWithElevatedPrivileges()
{
IntPtr hToken;
int sizeofTokenElevationType = Marshal.SizeOf(typeof(int));
IntPtr pElevationType =
Marshal.AllocHGlobal(sizeofTokenElevationType);
if (OpenProcessToken(GetCurrentProcess(), TokenQuery, out hToken))
{
uint dwSize;
if (GetTokenInformation(hToken,
TokenInformationClass.TokenElevationType, pElevationType,
(uint)sizeofTokenElevationType, out dwSize))
{
TokenElevationType elevationType = (TokenElevationType)Marshal.ReadInt32(pElevationType);
Marshal.FreeHGlobal(pElevationType);
switch (elevationType)
{
case TokenElevationType.TokenElevationTypeFull:
return true;
default:
//case TokenElevationType.TokenElevationTypeLimited:
//case TokenElevationType.TokenElevationTypeDefault:
return false;
}
}
}
return false;
}
[DllImport("kernel32.dll")]
static extern IntPtr GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool OpenProcessToken(
IntPtr processHandle,
uint desiredAccess,
out IntPtr tokenHandle);
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool GetTokenInformation(
IntPtr tokenHandle,
TokenInformationClass tokenInformationClass,
IntPtr tokenInformation,
uint tokenInformationLength,
out uint returnLength);
const UInt32 TokenQuery = 0x0008;
enum TokenElevationType
{
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
}
enum TokenInformationClass
{
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
}
@elyashiv看起來像Windows Vista或Windows 7中的一個或兩個,因爲沒有其他版本的Windows支持UAC,它作爲此問題的標記。 – 2012-08-12 12:46:20
請看這[問題](http://stackoverflow.com/questions/2051415/how-to-launch-an-exe-at-user-level-from-a-higher-level?rq=1) – Steve 2012-08-12 12:49:39
如果正在運行的用戶在管理員組中,則退出。 – 2012-08-12 13:05:44