CR的代码文本

all for learning about the world
  订阅 订阅  :: 管理

windows7 阻止copyfile到windows目录的解决办法

Posted on 2013-12-09 14:26  mumuliang  阅读(4668)  评论(0编辑  收藏  举报

一、

windows7 x64,uac会阻止copyfile到c:/windows。提示拒绝访问。

[会引起uac提示的3种情况:

  • Administrator access token checks.
  • "All access" access requests in system protected locations.
  • Data writing to protected locations, such as %ProgramFiles%, %Windir%, and HKEY_LOCAL_MACHINE\Software.]

需要将程序性的UAC Executioin Level设置为 RequireAdministrator。有两种方法

方法1:

(已测有效,当PC UAC等级较低时,会全屏变暗提示需要Administrate权限。)

Linker->Manifest File->UAC Execution Level, AsInvoker==>RequireAdministrator

方法2:

添加manifest,在manifest文件中配置 requestedExecutionLevel 为 RequireAdministrator。with one of the following.

<requestedExecutionLevel  level="asInvoker" uiAccess="false" />
<requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel  level="highestAvailable" uiAccess="false" />

具体操作参看:http://support.microsoft.com/kb/944276/zh-cn

 

二、(备用)

runas法。使用SellExecuteEx方法或者ProcessStartInfo类。

引用1:在Windows Vista里面,ShellExecuteExW lpVerb的参数可以传入runas命令,使得系统调用

          ShellExecuteExW 的时候,会强制将目标文件以完全admin模式启动,即使目标文件的manifest

          没有申明需要完全admin权限。

引用2:ShellExecuteEx是唯一一个微软允许触发UAC的进程启动函数。在Win7下使用Createprocess,

          如果发现权限不足,会直接失败,而ShellExecuteEx则是一个好的解决方法。

SHELLEXECUTEINFO shExInfo = {0};  
shExInfo.cbSize = sizeof(shExInfo);  
shExInfo.fMask = SEE_MASK_NOCLOSEPROCESS;  
shExInfo.hwnd = 0;  
shExInfo.lpVerb = _T("open");    // Operation to perform  
shExInfo.lpFile = enginePath;    // Application to start    
shExInfo.lpParameters = szBuf;   // Additional parameters  
shExInfo.lpDirectory = workingPath;  
shExInfo.nShow = SW_SHOW;  
shExInfo.hInstApp = 0; 
ShellExecuteEx(&shExInfo);


或者,To execute another process through UAC elevation: you use the ProcessStartInfo class; you also enable UseShellExecute and add “runas” for Verb:

            try
            {
                ProcessStartInfo proc = new ProcessStartInfo();
                proc.UseShellExecute = true;
                proc.WorkingDirectory = @"C:\Windows\System32\";
                proc.FileName = @"C:\Windows\System32\cmd.exe"; 
                proc.Verb = "runas"; 
                Process.Start(proc);
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);    
            } 

 

三、(备用)

Service法。

引用1:改成服务程序,或者另做一个服务程序加载现有程序。

 

四、(非正常手段)

来自:http://bbs.pediy.com/showthread.php?t=106650&page=3

引用1:对于Win7正式版(家庭高级版、家庭基础版、Professional的简体中文)都好使。其原理简述:
          win7有一批可信的文件(white list file),这些文件的敏感行为不会触发uac.
          因此,利用explorer将自身拷贝到其中一个文件的相同目录下,这里用的是sysrep.exe,命名为它

          使用的dll,sysrep.dll,然后CreateProcess sysrep.exe,使其加载dll,因为windows优先加载相同

          目录下的dll而非系统目录下的,所以我们的dll得以运行。

另:http://www.pretentiousname.com/misc/win7_uac_whitelist2.html#release

 

五、

1.UAC: All Information Developers need about the User Account Control (UAC)

http://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/dd400cb9-d5fc-41b2-ad9d-6b91ce88c766/uac-all-information-developers-need-about-the-user-account-control-uac?forum=windowssecurity

2.MSDN的系列:Designing UAC Applications for Windows Vista

http://msdn.microsoft.com/en-us/library/bb756973.aspx

3.Windows Vista Application Development Requirements for User Account Control (UAC)

http://msdn.microsoft.com/en-us/library/aa905330.aspx

4.Designing UAC Applications for Windows Vista

http://msdn.microsoft.com/en-us/library/bb756973.aspx

5.User Account Control (win7)

http://technet.microsoft.com/en-us/library/cc731416(v=ws.10).aspx

6.Deploying Application Compatibility Databases for Windows 7

http://technet.microsoft.com/en-us/library/ee732413(v=ws.10).aspx

7.Designing UAC Applications for Windows Vista

http://msdn.microsoft.com/en-us/library/bb756973.aspx

8.进程Mandatory Level检查和自我提升权限

http://www.cnblogs.com/jialiang/archive/2010/03/23/uacselfelevation.html

 

六、

XP中,如果admin用户登录,使用的是一个admin的访问令牌。在vista和win7的uac中,用户持有2个访问令牌access token,无论是普通用户还是administrator,explorer都使用的是普通令牌,也就是桌面是从普通令牌打开的。

这里有一件很神奇的事。就是任务管理器,进程页的显示所有用户进程项,会自动提升访问令牌为admin。。。

The ActiveX Installer Service enables enterprises to delegate ActiveX control installation for standard users. This service ensures that routine business tasks are not impeded by failed ActiveX control installations and updates. Windows Vista also includes Group Policy settings that enable IT professionals to define Host URLs from which standard users can install ActiveX controls. The ActiveX Installer Service consists of a Windows service, a Group Policy administrative template, and some changes in Internet Explorer. The ActiveX Installer Service is an optional component, and will only be enabled on client computers where it is installed.