获取错误和标准输出从提升的子进程

本文介绍了获取错误和标准输出从提升的子进程的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我已经创建了启动两种类型的流程的流程处理：即升高与管理员用户名和密码，另一个正常运行，没有任何用户名和密码输入一。

I've created a process handler which starts two types of processes: One that is elevated with administrator username and password Another that runs normally without any username and password input.

我struggeling弄清楚如何从高架进程中取得的输出。这将启动过程中的应用，并不需要管理员凭据来运行，管理员凭据在一个单独的加密的XML文件，应用程序使用的脚本以及需要管理员凭据等地输入。

I'm struggeling to figure out how I can get output from the elevated process. The application which starts the process, does not require Admin credentials to run, the admin credentials are entered in a seperate encrypted xml file, which the application uses in scripts and other places where admin credentials are required.

由于应用程序与普通用户运行，访问这些应用程序已启动提升进程，似乎是出了问题。我可以启动一个过程，我可以很容易地检查它是否做了它是什么suppoused，但我不能读它为一个字符串或日志的操作。

Since the application is run with a normal user, accessing elevated processes which the application has started, seems to be out of the question. I can start a process and I can easily check if it has done what it is suppoused to, but I cannot read its action to a string or a log.

public bool CreateProcessWithAdminRights(string filePath, string commandlineArgument, bool log) { if (!string.IsNullOrEmpty(filePath) && !string.IsNullOrEmpty(commandlineArgument) && _user.UserDataExsists()) { var securePassword = GetSecureString(_user.Password); ToolsProvider.Logger.Debug("Creating process with the following filepath: {0} and commandline argument: {1}", filePath, commandlineArgument.Replace(_user.Password, "<REPLACED>")); ToolsProvider.Logger.Info("Creating Process with admin rights for {0} against {1}", _user.Name ); _proc = new Process { StartInfo = { FileName = @filePath, Arguments = commandlineArgument, ErrorDialog = false, RedirectStandardInput = false, RedirectStandardOutput = _log, RedirectStandardError = _log, UseShellExecute = false, CreateNoWindow = true, WindowStyle = ProcessWindowStyle.Hidden, UserName = _user.Name, Password = securePassword, Domain = _user.Domain } }; _proc.ErrorDataReceived += ErrorDataReceived; _proc.OutputDataReceived += OutputDataReceived; return true; } return false; }

进程是使用启动：

The process is started using:

private bool StartProcess() { if (_proc != null) { try { _proc.Start(); _proc.BeginErrorReadLine(); _proc.BeginOutputReadLine(); _proc.WaitForExit(); _proc.CancelOutputRead(); _proc.CancelErrorRead(); if (_standardOutput.Length > 2) { // use writeline, the builder itself will add the DEBUG / info tag ToolsProvider.Logger.WriteLine(_standardOutput.ToString()); } if (_errorBuilder.Length > 2) { // use writeline, the builder itself will add the DEBUG / info tag ToolsProvider.Logger.WriteLine(_errorBuilder.ToString()); } return true; } catch (Win32Exception ex) { ToolsProvider.Logger.Error( "Missing file while trying to run an action: " + _proc.StartInfo.FileName, ex.Message); } } ToolsProvider.Logger.Error(""); return false; }

我试着用冒领类以及与启动过程而不加入到过程中的管理凭证。冒领类没有做任何事情，但告诉我，我没有acccess，eventhough我是冒充管理员...

I've tried starting the process using an Impersonator class as well, with and without the admin credentials added to the process. The impersonator class didn't do anything but tell me that I didn't have acccess, eventhough I was impersonating an administrator ...

我得到了冒领类从这里

freshclickmedia.co.uk/2008/11/programmatic-impersonation-in-c/

所以，我怎么标准，ERROROUTPUT从提升的过程中，不升高的过程？

So, how do I get standard and erroroutput from an elevated process in a process which isn't elevated?

推荐答案

您不能除非黑客系统和/或利用一些bug和/或写一些内核级的代码（即驱动程序）来规避这些安全措施...

You can't except by hacking the system and/or exploiting some bug and/or writing some kernel-level code (i.e. driver) to circumvent these security measures...

只是想想这种可能性将意味着 - 海拔会变得毫无意义，因为总有那么一个系统中的一些提升进程可能有这些手段操纵......所以答案是NO ...

Just think about what this possibility would mean - elevation would become meaningless since there are always some elevated processes in a system which could be manipulated by such means... so the answer is NO...

您应该能够什么做的是输出重定向到一个文件（例如> C：\MyLog.txt ），后来阅读文件...

What you should be able to do is redirect the output to a file (for example > C:\MyLog.txt) and later on read that file...

想想不同的设计不需要这种访问...

Think about a different design which does not require this sort of access...