private bool IsElevationNeededToAccessVisualStudio() { if (!possiblyRunningInIE) { return(false); } ProcessIntegrityLevel integrityLevel = ProcessSupport.ProcessIntegrityLevel; return(integrityLevel != ProcessIntegrityLevel.Unknown && integrityLevel < ProcessIntegrityLevel.Medium); }
public static ProcessIntegrityLevel ToProcessIntegrityLevel(this string tempString) { ProcessIntegrityLevel integrityLevel = ProcessIntegrityLevel.None; if (tempString.Equals(System, StringComparison.CurrentCultureIgnoreCase)) { integrityLevel = ProcessIntegrityLevel.System; } else if (tempString.Equals(High, StringComparison.CurrentCultureIgnoreCase)) { integrityLevel = ProcessIntegrityLevel.High; } else if (tempString.Equals(Medium, StringComparison.CurrentCultureIgnoreCase)) { integrityLevel = ProcessIntegrityLevel.Medium; } else if (tempString.Equals(Low, StringComparison.CurrentCultureIgnoreCase)) { integrityLevel = ProcessIntegrityLevel.Low; } return(integrityLevel); }
/// <summary> /// Creates a <see cref="Process" /> with the specified commandline and the specified <see cref="ProcessIntegrityLevel" />. If process creation fails, a <see cref="Win32Exception" /> is thrown. This is typically used to create processes with lower integrity. /// </summary> /// <param name="commandLine">A <see cref="string" /> specifying the commandline to create the <see cref="Process" /> with.</param> /// <param name="integrityLevel">The <see cref="ProcessIntegrityLevel" /> to create the <see cref="Process" /> with. This is usually lower than the <see cref="ProcessIntegrityLevel" /> of the current <see cref="Process" />.</param> /// <returns> /// The <see cref="Process" /> this method creates. /// </returns> public static Process StartWithIntegrity(string commandLine, ProcessIntegrityLevel integrityLevel) { Check.ArgumentNull(commandLine, nameof(commandLine)); IntPtr token = IntPtr.Zero; IntPtr newToken = IntPtr.Zero; IntPtr integritySid = IntPtr.Zero; IntPtr tokenInfoPtr = IntPtr.Zero; Native.StartupInfo startupInfo = new Native.StartupInfo(); Native.ProcessInformation processInformation = new Native.ProcessInformation(); try { using (Process process = Process.GetCurrentProcess()) { token = process.OpenToken(0x8b); } if (token != IntPtr.Zero && Native.DuplicateTokenEx(token, 0, IntPtr.Zero, 2, 1, out newToken)) { Native.SidIdentifierAuthority securityMandatoryLabelAuthority = new Native.SidIdentifierAuthority { Value = new byte[] { 0, 0, 0, 0, 0, 16 } }; if (Native.AllocateAndInitializeSid(ref securityMandatoryLabelAuthority, 1, (int)integrityLevel, 0, 0, 0, 0, 0, 0, 0, out integritySid)) { Native.TokenMandatoryLabel mandatoryTokenLabel; mandatoryTokenLabel.Label.Attributes = 0x20; mandatoryTokenLabel.Label.Sid = integritySid; int tokenInfo = Marshal.SizeOf(mandatoryTokenLabel); tokenInfoPtr = Marshal.AllocHGlobal(tokenInfo); Marshal.StructureToPtr(mandatoryTokenLabel, tokenInfoPtr, false); if (Native.SetTokenInformation(newToken, 25, tokenInfoPtr, tokenInfo + Native.GetLengthSid(integritySid))) { startupInfo.StructSize = Marshal.SizeOf(startupInfo); if (Native.CreateProcessAsUser(newToken, null, commandLine, IntPtr.Zero, IntPtr.Zero, false, 0, IntPtr.Zero, null, ref startupInfo, out processInformation)) { return(Process.GetProcessById(processInformation.ProcessId)); } } } } } finally { if (token != IntPtr.Zero) { Native.CloseHandle(token); } if (newToken != IntPtr.Zero) { Native.CloseHandle(newToken); } if (integritySid != IntPtr.Zero) { Native.FreeSid(integritySid); } if (tokenInfoPtr != IntPtr.Zero) { Marshal.FreeHGlobal(tokenInfoPtr); } if (processInformation.Process != IntPtr.Zero) { Native.CloseHandle(processInformation.Process); } if (processInformation.Thread != IntPtr.Zero) { Native.CloseHandle(processInformation.Thread); } } throw Throw.Win32("Process could not be created."); }