如何防止 Vista 要求 patch.exe 提升权限?

发布于 2024-07-13 20:47:37 字数 350 浏览 6 评论 0原文

[很抱歉,这不是一个直接的编程问题。 但我最近切换到了一台新的 Vista 机器,我在其中保持 UAC 启用(请不要告诉我禁用它,这不是一个选项)。]

每次我运行 gnu 的 patch.exe 时,我都会收到来自 Vista 的提升对话框。 如果我将 patch.exe 重命名为 foo.exe,它不会执行此操作,因此我认为这是 Vista 的“启发式”之一。

有谁知道如何禁用此功能? 这让我抓狂,谷歌也没有帮助。

或者我应该只为 patch.exe 添加一个清单来告诉系统不要尝试提升它? 这行得通吗?如果行得通,你如何做出这样的体现?

非常感谢,到目前为止,我已经用头撞墙一个小时了。

[I'm sorry that this isn't directly a programming question. But I have recently switched to a new Vista machine where I am keeping UAC enabled (please don't tell me to disable it, it's not an option).]

Every time I run gnu's patch.exe I get an elevation dialog from Vista. If I rename patch.exe to foo.exe it does not do this, so I assume this is one of Vista's "heuristics".

Does anyone know how to disable this? It's driving me nuts and the Googles aren't helping.

Or should I add a manifest just for patch.exe to tell the system NOT to try to elevate this? Will that work, and if so how do you make such a manifest?

Thanks so much, been banging my head against the wall for an hour on this so far.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

原野 2024-07-20 20:47:37

问题是您的应用程序不包含具有 requestedExecutionLevel 的程序集清单。

背景

所有正确编写的 Windows 应用程序都需要有程序集清单。 从 2006 年开始,您需要拥有的元素之一是 requestedExecutionLevel,它指定您的应用程序是否只能在用户是管理员的情况下运行。

如果您的应用程序没有程序集清单,或者没有requestedExecutionLevel,Windows 将假定它是旧版应用程序,并采取措施以使其保持运行。

遗留应用程序的一个兼容性问题是,其中一些可能是安装程序或更新程序,并且只能在以管理员身份运行时才能运行。 Windows 尝试通过文件名猜测这些应用程序:

  • 安装程序
  • 更新
  • 补丁

是否都是通过兼容性启发法捕获的文件名示例,这些文件名试图自动为用户提升权限。

如果应用程序没有程序集清单,则它不是有效编写的 Windows 应用程序。

正确的解决方案

正确的解决方案是添加所有正确的应用程序都将具有的程序集清单。 这禁用了启发式方法。

示例 UAC“asInvoker”清单:

<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
      <security>
         <requestedPrivileges>
            <requestedExecutionLevel level="asInvoker" />
         </requestedPrivileges>
      </security>
   </trustInfo>
</assembly> 

The problem is that your application does not contain an assembly manifest with a requestedExectutionLevel.

Background

All correctly written Windows applications are required to have an assembly manifest. And starting in 2006 one of the elements you're required to have is a requestedExecutionLevel that specifies if your application can only function if the user is an administrator.

If your application does not have an assembly manifest, or if it does not have a requestedExecutionLevel Windows will assume it is a legacy application, and do things to hopefully keep it running.

One compatibility thing for legacy applications is that some of them might be an installer, or an udpater, and can only function when run as administrator. Windows tries to guess these applications by their filenames:

  • setup
  • update
  • patch

Are all examples of filenames caught by compatibility heuristics that are trying to automatically elevate for the user.

If the application has no assembly manifest, then it is not a validly written Windows application.

The correct solution

The correct solution is to add the assembly manifest that all correct applications will have. This disabled the heuristics.

A sample UAC "asInvoker" manifest:

<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
      <security>
         <requestedPrivileges>
            <requestedExecutionLevel level="asInvoker" />
         </requestedPrivileges>
      </security>
   </trustInfo>
</assembly> 
节枝 2024-07-20 20:47:37

来自:

http://social .msdn.microsoft.com/Forums/en-US/windowsgeneraldevelopmentissues/thread/bf4f7dfa-5553-41d3-9c8e-311ee4a88599/

如果您可以将清单添加到
受影响的可执行文件声明
“asInvoker”的 requestExecutionLevel
它应该停止提示。

有关 UAC 体系结构和转换现有应用程序以便它们正常工作的相关指南(靠近页面底部五分之一):

http://technet.microsoft.com/en-us/library/cc709628.aspx

最后,如何编写这样的清单:

http://www.google.com/search?q=writing+a+uac+manifest

-Adam

From:
http://social.msdn.microsoft.com/Forums/en-US/windowsgeneraldevelopmentissues/thread/bf4f7dfa-5553-41d3-9c8e-311ee4a88599/

If you can add a manifest to the
affected executable declaring a
requestedExecutionLevel of 'asInvoker'
it should stop prompting.

Associated guide on UAC architecture and converting existing applications so they work correctly (near the bottom fifth of the page):

http://technet.microsoft.com/en-us/library/cc709628.aspx

Lastly, how to write such a manifest:

http://www.google.com/search?q=writing+a+uac+manifest

-Adam

俯瞰星空 2024-07-20 20:47:37

就我而言,我必须编写一个包装程序来执行以下操作:

1-将“patch.exe”文件复制到系统的临时文件夹(%TMP%)中,并使用另一个名称:“apply.exe”

2-执行“%TMP%” \apply.exe”以及所需的参数。

3-删除“%TMP%\apply.exe”文件

您不需要编写清单。

如果您需要计算“patch.exe”完整路径,假设.exe位于%PATH%环境变量中,则可以在C#中使用以下代码:

public string GetPatchInstallPath()
{
    StringDictionary env = 
    System.Diagnostics.Process.GetCurrentProcess().StartInfo.EnvironmentVariables;
    string pathEnvVble = env["PATH"];
    string[] paths = new string[]{};
    paths = pathEnvVble.Split(new char[] { ';' });

    foreach (string p in paths)
    {
       string fullPath = Path.Combine(p, "patch.exe");
       if (File.Exists(fullPath))
           return fullPath;
    }
    return string.Empty;
}

否则,您可以将patch.exe完整路径传递给包装器如果您不想将新条目添加到 patch.exe 位置的 %PATH% 变量中,请运行该程序。

In my case I had to write a wrapper program that makes the following:

1-Copy "patch.exe" file into the system's temp folder (%TMP%) with another name: "apply.exe"

2-Execute "%TMP%\apply.exe" with the desired arguments.

3-Delete "%TMP%\apply.exe" file

You won't need to write a manifest.

If you need to calculate the "patch.exe" full path, assuming the .exe is on the %PATH% environment variable, you can use the following code in C#:

public string GetPatchInstallPath()
{
    StringDictionary env = 
    System.Diagnostics.Process.GetCurrentProcess().StartInfo.EnvironmentVariables;
    string pathEnvVble = env["PATH"];
    string[] paths = new string[]{};
    paths = pathEnvVble.Split(new char[] { ';' });

    foreach (string p in paths)
    {
       string fullPath = Path.Combine(p, "patch.exe");
       if (File.Exists(fullPath))
           return fullPath;
    }
    return string.Empty;
}

Otherwise, you can pass the patch.exe full path to your wrapper program if you don't want to add a new entry to the %PATH% variable for your patch.exe location.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文