I’m looking for correct way to allow elevating privileges for selected operations.
Something similar many products offer.
For example if you have UAC turned on and you are using Total Commander (running with basic privileges) when browsing restricted folders you will get:
If you push As Administrator you will get common User Access Control dialog asking if you want to grant the process required permissions. Is it something similar possible in .NET application (even with Win32 support)?
- How should be such functionality correctly implemented?
- Do I need to run external process to get elevated privileges just for selected functionality?
I’m not looking for solution which will demand running the main process as administrator.
You’re going to have to factor the target operation functionality into a separate component that will be run elevated. This can be either an executable that requires elevation or a COM component (which could presumably be a COM wrapper for a .NET component). Details are available at http://msdn.microsoft.com/en-us/library/bb756990.aspx, with the When to Add the Shield Icon to Your Application’s User Interface being particularly pertinent.