怎么以SYSTEM权限运行程序啊
如何以SYSTEM权限运行程序啊?
问2个问题
1 我用vb.net运行的程序如何以system权限运行啊?添加什么样的代码能实现?
2 用vb.net编写的程序通过局域网共享运行的时候会提示权限不足,怎么能解决这个问题呢?
------解决方案--------------------
// Initialize new Trustee (here a local accoun as sample)
try {
trustee = new ManagementClass( @ "Win32_Trustee " );
// trustee.Properties[ "Domain "].Value = " "; // if domain other then local
machine
trustee.Properties[ "Name "].Value = TrusteeName;
}
// catch if non existing trustee
catch (Exception e)
{
Console.WriteLine(e.Message);
return false;
}
try {
ace = new ManagementClass( @ "Win32_ACE " );
ace.Properties[ "AccessMask "].Value = Mask;
ace.Properties[ "AceFlags "].Value = AceFlags.NoPropagateInheritAce;
ace.Properties[ "AceType "].Value = AceType.AccessAllowed;
ace.Properties[ "Trustee "].Value = trustee;
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return false;
}
Console.WriteLine(newDACL.Length);
newDACL.SetValue(ace, newDACL.Length - 1);
return WriteSecurityDescriptor((ManagementBaseObject[])newDACL);
}
private void GetObjectDacl()
{
// Get the security descriptor for this object
bool EnablePrivileges = lfs.Scope.Options.EnablePrivileges;
lfs.Scope.Options.EnablePrivileges = true;
ManagementBaseObject outParams =
lfs.InvokeMethod( "GetSecurityDescriptor ", null, null);
if (((uint)(outParams.Properties[ "ReturnValue "].Value)) == 0) // if
success
{
Descriptor =
((ManagementBaseObject)(outParams.Properties[ "Descriptor "].Value));
//The DACL is an array of Win32_ACE objects.
dacl = ((ManagementBaseObject[])(Descriptor.Properties[ "Dacl "].Value));
}
return;
}
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
protected virtual void Dispose(bool disposing)
{
if(!this.disposed)
{
// Release ManagementObject.
lfs.Dispose();
}
disposed = true;
}
~FileObjectSecurity()
{
Dispose(false);
// BUG BUG, finalizer should never be called. Object should be Disposed
by client.
// Failing to call dispose, will throw in debug build
#if DEBUG
throw new Exception( "Finalizer called on disposable object ");
#endif
}
}
class Tester {
public static void Main()
{
// Create FileObjectSecurity passing the file object (filepath) to the
ctor.
// Beware the double backslashes !!!!
using (FileObjectSecurity fos = new
FileObjectSecurity(@ "c:\\somedir\\somefile "))
{
fos.GetACEs(false); // Get DACL no console dump
fos.AddACEToDacl( "Users ", Mask.FileWriteData);
fos.GetACEs(true); // Get DACL and dump to console
}
}
}
2- Use System.DirectoryServices and ADSI security client (included in
activeds.dll on XP and higher).
Using this method is similar to 1, but it requires a reference to
activeds.tld and COM interop.
3- Use MC++ and IJW interop with the NTFS security API 's.
4- Use PInvoke interop from C# to call the NTFS security API 's.
问2个问题
1 我用vb.net运行的程序如何以system权限运行啊?添加什么样的代码能实现?
2 用vb.net编写的程序通过局域网共享运行的时候会提示权限不足,怎么能解决这个问题呢?
------解决方案--------------------
// Initialize new Trustee (here a local accoun as sample)
try {
trustee = new ManagementClass( @ "Win32_Trustee " );
// trustee.Properties[ "Domain "].Value = " "; // if domain other then local
machine
trustee.Properties[ "Name "].Value = TrusteeName;
}
// catch if non existing trustee
catch (Exception e)
{
Console.WriteLine(e.Message);
return false;
}
try {
ace = new ManagementClass( @ "Win32_ACE " );
ace.Properties[ "AccessMask "].Value = Mask;
ace.Properties[ "AceFlags "].Value = AceFlags.NoPropagateInheritAce;
ace.Properties[ "AceType "].Value = AceType.AccessAllowed;
ace.Properties[ "Trustee "].Value = trustee;
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return false;
}
Console.WriteLine(newDACL.Length);
newDACL.SetValue(ace, newDACL.Length - 1);
return WriteSecurityDescriptor((ManagementBaseObject[])newDACL);
}
private void GetObjectDacl()
{
// Get the security descriptor for this object
bool EnablePrivileges = lfs.Scope.Options.EnablePrivileges;
lfs.Scope.Options.EnablePrivileges = true;
ManagementBaseObject outParams =
lfs.InvokeMethod( "GetSecurityDescriptor ", null, null);
if (((uint)(outParams.Properties[ "ReturnValue "].Value)) == 0) // if
success
{
Descriptor =
((ManagementBaseObject)(outParams.Properties[ "Descriptor "].Value));
//The DACL is an array of Win32_ACE objects.
dacl = ((ManagementBaseObject[])(Descriptor.Properties[ "Dacl "].Value));
}
return;
}
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
protected virtual void Dispose(bool disposing)
{
if(!this.disposed)
{
// Release ManagementObject.
lfs.Dispose();
}
disposed = true;
}
~FileObjectSecurity()
{
Dispose(false);
// BUG BUG, finalizer should never be called. Object should be Disposed
by client.
// Failing to call dispose, will throw in debug build
#if DEBUG
throw new Exception( "Finalizer called on disposable object ");
#endif
}
}
class Tester {
public static void Main()
{
// Create FileObjectSecurity passing the file object (filepath) to the
ctor.
// Beware the double backslashes !!!!
using (FileObjectSecurity fos = new
FileObjectSecurity(@ "c:\\somedir\\somefile "))
{
fos.GetACEs(false); // Get DACL no console dump
fos.AddACEToDacl( "Users ", Mask.FileWriteData);
fos.GetACEs(true); // Get DACL and dump to console
}
}
}
2- Use System.DirectoryServices and ADSI security client (included in
activeds.dll on XP and higher).
Using this method is similar to 1, but it requires a reference to
activeds.tld and COM interop.
3- Use MC++ and IJW interop with the NTFS security API 's.
4- Use PInvoke interop from C# to call the NTFS security API 's.