java getRuntime().exec an exe that requires UAC - McMap

About

java getRuntime().exec an exe that requires UAC

Asked 12/4, 2011 at 23:42 Answered 13/4, 2011 at 14:6

Solved java windows windows-server-2008 uac runtime.exec

E

1

1

So we have a java process that runs as a windows service. It needs to execute a command with Runtime.getRuntime().exec(command). The command it executes requires UAC. This is on windows server 2008 and sounds like you cannot disable UAC for a single executable so is there any other way to make this work?

Erewhile answered 12/4, 2011 at 23:42 Comment(3)

looks like applying a manifest to the executable may be an option sourceforge.net/tracker/… (have to expand comments) – Erewhile 12/4, 2011 at 23:55

possible duplicate of Java: run as administrator - read the accepted answer ... – Referential 13/4, 2011 at 1:26

See Requested for admin privileges for Java app on Windows Vista/7 – Patrol 13/4, 2011 at 6:38

P

5

If your Java application runs as a windows service, it most likely runs under one of the system accounts: SYSTEM (most probable), LOCAL SERVICE, or NETWORK SERVICE. Thus if the service runs under SYSTEM account, everything you start from the service will inherit the account. Anyway your service must be allowed to interact with Desktop.

To summarize, if your process run as elevated, then processes started from it will also run elevated.

To elevate, you have to use ShellExecute or ShellExecuteEx functions of Windows API. If the .exe you're starting is marked with level=requireAdministrator in its manifest, the shell will display UAC dialog. If it's not marked, you can use runas verb/operation to force UAC confirmation dialog. Note: runas on Windows XP will show "Run as another user" dialog.

If Runtime.getRuntime().exec(command) is implemented via ShellExecute, then marking the .exe with appropriate manifest will work; if exec uses CreateProcess, the process will be started with current user privileges, i.e. not elevated; moreover the process will not be started at all if .exe has requireAdministrator in its manifest.

Pfeifer answered 13/4, 2011 at 14:6 Comment(4)

thanks Alexey, I think the exe in particular (patch.exe from UnxUtils) does not have a proper manifest defined. Using patch.exe from cygwin doesn't popup UAC (or fail with permission denied) so I assume it does. – Erewhile 13/4, 2011 at 17:32

@Erewhile Glad it helped. You can check for manifest by viewing .exe file. In case of cygwin, I guess you can add a manifest to it if it does help. – Pfeifer 14/4, 2011 at 8:47

yeah thanks again. what tool do you use to see an exe's UAC manifest? – Erewhile 14/4, 2011 at 14:52

@Erewhile Notepad will do (yet it's slow if .exe is large); I use Far Manager. Then just search for "manifest" – if it's there, you'll see XML. – Pfeifer 14/4, 2011 at 16:44

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.