Run .NET Programs as Administrator on Vista
User Account Control (UAC) protects Vista by preventing malware from executing various tasks that modify the operating system, its files or configuration. If you develop software that requires this access, you must elevate your program's privileges.
User Account Control
Microsoft Vista introduced a new security system named User Account Control (UAC). This system limits application software by providing only standard privileges, even if the current user is an administrator. If a program attempts to modify operating system settings, write data to system folders or perform other restricted tasks, the action is prevented unless authorised by the user. This is beneficial when combating malware and viruses, as such programs are unable to damage the operating system.
Run as Administrator
When a program is designed to perform administrative tasks, it must run in a special administrative mode in order to elevate its permissions. When a program attempts this, the UAC system displays a prompt to the user. The prompt explains that a program wants to run as an administrative user and gives the user the option to allow it or to halt execution immediately. As the user should be expecting the software to perform administrative tasks, they will normally allow it to continue. If they receive an unexpected prompt they should be suspicious.
There are several ways to run a program as an administrator. The most basic of these is to right-click the program's executable file or shortcut and select "Run as administrator" from the menu that appears. It is also possible to modify a shortcut so that an application always runs with administrative permissions. However, this solution is rather inelegant and somewhat restrictive. It also assumes that the user will always execute the program in this manner.
A better solution to the problem is to modify your software so that it always executes as an administrator. Depending upon the scope of the application, you should approach this in different ways. If the program is a purely administrative utility, running as an administrator on every occasion is suitable. However, if your software only requires elevated permissions for a small number of seldom-used tasks, you should extract these tasks into their own separate executable. Your main program can then run as a standard user. When it needs to perform an administrative task, it should simply start one of the other programs as a new process. The advantage for the user is that they only see UAC confirmation prompts when they request such a function and not every time they start the software.
Enabling Run as Administrator Within an Application
Modifying a program so that it executes as an administrator is a relatively simple process when using Visual Studio 2008 or Visual C# 2008 Express Edition. You add an application manifest to your project and change a single setting within the new file. To add a manifest, right-click the project in the Visual Studio Solution Explorer and choose the Add submenu from the context-sensitive menu that appears. Click "New Item" to display the Add New Item dialog box. Alternatively, select "Add New Item" from the Project menu.
The Add New Item dialog box should show an icon for "Application Manifest File". When you select this option, the filename for the new item defaults to app.manifest. Click the Add button to add the new file.
The application manifest file contains various settings in an XML format. The important item for our purposes is the requestedExecutionLevel setting. The standard setting will be similar to the following:
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
The level attribute has a default value of "asInvoker". This indicates that the program will run under the current user's settings. This means that no administrative privileges will be available. To specify that the program will run as an administrator, adjust the setting to "requireAdministrator" as follows:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
You can now compile the program. Once the build is complete, browse to the folder containing the newly generated executable file. You should see that the program's icon includes a shield to indicate that it requires elevated permissions. When you double-click the icon to run the program you will be presented with a UAC prompt before the new privileges are activated.
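The split design described earlier, where a standard-user main program starts a separate administrative executable only when needed, can be sketched as follows. This is an added example, not code from the original article; the helper name AdminTask.exe and its --apply-settings argument are hypothetical, and the helper is assumed to carry a manifest with level="requireAdministrator".

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.Security.Principal;

static class ElevatedTaskLauncher
{
    // Win32 error code reported when the user declines the UAC prompt.
    const int ERROR_CANCELLED = 1223;

    // True if this process already holds an elevated administrator token.
    static bool IsElevated()
    {
        WindowsIdentity identity = WindowsIdentity.GetCurrent();
        return new WindowsPrincipal(identity).IsInRole(WindowsBuiltInRole.Administrator);
    }

    // Starts the helper; returns its exit code, or null if elevation was refused.
    static int? RunAdminTask(string helperPath, string arguments)
    {
        ProcessStartInfo info = new ProcessStartInfo(helperPath, arguments);
        // The shell must start the process so that UAC can prompt. With
        // UseShellExecute = false the launch fails with error 740 instead.
        info.UseShellExecute = true;
        try
        {
            using (Process helper = Process.Start(info))
            {
                helper.WaitForExit();
                return helper.ExitCode;
            }
        }
        catch (Win32Exception ex)
        {
            if (ex.NativeErrorCode == ERROR_CANCELLED) return null;
            throw;
        }
    }

    static void Main()
    {
        Console.WriteLine("Main program elevated: " + IsElevated());
        // Hypothetical helper, resolved by full path next to the main program.
        string helper = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "AdminTask.exe");
        int? result = RunAdminTask(helper, "--apply-settings");
        Console.WriteLine(result.HasValue ? "Helper exit code: " + result.Value : "Elevation declined; nothing changed.");
    }
}
```

Because the helper runs with a full administrator token, it should validate its own arguments rather than trust whatever the unelevated caller passes.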
11 February 2009