Home/ Questions/Q 6539445
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T10:51:36+00:00

I want to use declarative security to guarantee that my app is only run

  • 0

I want to use declarative security to guarantee that my app is only run by a local admin on the machine. For example,

private void Window_Loaded(object sender, RoutedEventArgs e)
{
    AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
    try
    {
        LoadUsers();
    }
    catch (System.Security.SecurityException)
    {
        MessageBox.Show("You must be a local administrator to run this application.");
        System.Environment.Exit(1);
    }
}

// You must be an admin to run this method...
[PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators")]
private void LoadUsers()
{
    // etc.
}

That is all well and good; however, it would be nice if I could debug without first launching the IDE with “Run as Administrator”.

Question: Is there a way to get around this in the security declaration attribute? Or is there a different security demand I can use? Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I guess there’s more control with Imperative security in this case. One can see if the debugger is attached or not before making the security demand.

        private void Window_Loaded(object sender, RoutedEventArgs e)
    {
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        try
        {
            // USE IMPERATIVE SECURITY TO ALLOW THE APP TO RUN IN THE DEBUGGER
            if (!Debugger.IsAttached)
            {
                string user = string.Format(@"{0}\{1}", Environment.UserDomainName, Environment.UserName);
                PrincipalPermission permission = new PrincipalPermission(user, @"BUILTIN\Administrators");
                permission.Demand();
            }
            LoadUsers();
        }
        catch (System.Security.SecurityException)
        {
            MessageBox.Show("You must be a local administrator to run this application.");
            System.Environment.Exit(1);
        }
    }

    // NO DECLARATIVE SECURITY DEMAND HERE
    private void LoadUsers()
    {
       // etc.
    }
    • 0