我已经创建了启动两种类型的流程的流程处理:即升高与管理员用户名和密码,另一个正常运行,没有任何用户名和密码输入一。
I've created a process handler which starts two types of processes: One that is elevated with administrator username and password Another that runs normally without any username and password input.
我struggeling弄清楚如何从高架进程中取得的输出。这将启动过程中的应用,并不需要管理员凭据来运行,管理员凭据在一个单独的加密的XML文件,应用程序使用的脚本以及需要管理员凭据等地输入。
I'm struggeling to figure out how I can get output from the elevated process. The application which starts the process, does not require Admin credentials to run, the admin credentials are entered in a seperate encrypted xml file, which the application uses in scripts and other places where admin credentials are required.
由于应用程序与普通用户运行,访问这些应用程序已启动提升进程,似乎是出了问题。我可以启动一个过程,我可以很容易地检查它是否做了它是什么suppoused,但我不能读它为一个字符串或日志的操作。
Since the application is run with a normal user, accessing elevated processes which the application has started, seems to be out of the question. I can start a process and I can easily check if it has done what it is suppoused to, but I cannot read its action to a string or a log.
public bool CreateProcessWithAdminRights(string filePath, string commandlineArgument, bool log) { if (!string.IsNullOrEmpty(filePath) && !string.IsNullOrEmpty(commandlineArgument) && _user.UserDataExsists()) { var securePassword = GetSecureString(_user.Password); ToolsProvider.Logger.Debug("Creating process with the following filepath: {0} and commandline argument: {1}", filePath, commandlineArgument.Replace(_user.Password, "<REPLACED>")); ToolsProvider.Logger.Info("Creating Process with admin rights for {0} against {1}", _user.Name ); _proc = new Process { StartInfo = { FileName = @filePath, Arguments = commandlineArgument, ErrorDialog = false, RedirectStandardInput = false, RedirectStandardOutput = _log, RedirectStandardError = _log, UseShellExecute = false, CreateNoWindow = true, WindowStyle = ProcessWindowStyle.Hidden, UserName = _user.Name, Password = securePassword, Domain = _user.Domain } }; _proc.ErrorDataReceived += ErrorDataReceived; _proc.OutputDataReceived += OutputDataReceived; return true; } return false; }
进程是使用启动:
The process is started using:
private bool StartProcess() { if (_proc != null) { try { _proc.Start(); _proc.BeginErrorReadLine(); _proc.BeginOutputReadLine(); _proc.WaitForExit(); _proc.CancelOutputRead(); _proc.CancelErrorRead(); if (_standardOutput.Length > 2) { // use writeline, the builder itself will add the DEBUG / info tag ToolsProvider.Logger.WriteLine(_standardOutput.ToString()); } if (_errorBuilder.Length > 2) { // use writeline, the builder itself will add the DEBUG / info tag ToolsProvider.Logger.WriteLine(_errorBuilder.ToString()); } return true; } catch (Win32Exception ex) { ToolsProvider.Logger.Error( "Missing file while trying to run an action: " + _proc.StartInfo.FileName, ex.Message); } } ToolsProvider.Logger.Error(""); return false; }
我试着用冒领类以及与启动过程而不加入到过程中的管理凭证。冒领类没有做任何事情,但告诉我,我没有acccess,eventhough我是冒充管理员...
I've tried starting the process using an Impersonator class as well, with and without the admin credentials added to the process. The impersonator class didn't do anything but tell me that I didn't have acccess, eventhough I was impersonating an administrator ...
我得到了冒领类从这里
freshclickmedia.co.uk/2008/11/programmatic-impersonation-in-c/
所以,我怎么标准,ERROROUTPUT从提升的过程中,不升高的过程?
So, how do I get standard and erroroutput from an elevated process in a process which isn't elevated?
推荐答案您不能除非黑客系统和/或利用一些bug和/或写一些内核级的代码(即驱动程序)来规避这些安全措施...
You can't except by hacking the system and/or exploiting some bug and/or writing some kernel-level code (i.e. driver) to circumvent these security measures...
只是想想这种可能性将意味着 - 海拔会变得毫无意义,因为总有那么一个系统中的一些提升进程可能有这些手段操纵......所以答案是NO ...
Just think about what this possibility would mean - elevation would become meaningless since there are always some elevated processes in a system which could be manipulated by such means... so the answer is NO...
您应该能够什么做的是输出重定向到一个文件(例如> C:\MyLog.txt ),后来阅读文件...
What you should be able to do is redirect the output to a file (for example > C:\MyLog.txt) and later on read that file...
想想不同的设计不需要这种访问...
Think about a different design which does not require this sort of access...
更多推荐
获取错误和标准输出从提升的子进程
发布评论