Vista: Impersonation across Intergrity Levels

  • Thread starter Thread starter Alex Chmut
  • Start date Start date
A

Alex Chmut

Hello all,

I have an app that runs elevated that talks to an unelevated app via COM.
I want the COM servers in the unelevated app to be able to impersonate the
elevated client to perform certain file operations with full admin rights.

Whatever CoInitializeSecurity() parameters I have been trying to apply on
the client does not give the server appropriate rights ending with
ERROR_BAD_IMPERSONATION_LEVEL error when it tries to work with a file after
CoImpersonateClient().

I can foresee that something like a Mandatory Label SACL needs to be applied
to the client, but I cannot find any documentation in that regard.

Anyone has any ideas?

Thanx in advance,
AlexC
 
Alex said:
Hello all,

I have an app that runs elevated that talks to an unelevated app via COM.
I want the COM servers in the unelevated app to be able to impersonate the
elevated client to perform certain file operations with full admin rights.

Whatever CoInitializeSecurity() parameters I have been trying to apply on
the client does not give the server appropriate rights ending with
ERROR_BAD_IMPERSONATION_LEVEL error when it tries to work with a file after
CoImpersonateClient().

I can foresee that something like a Mandatory Label SACL needs to be applied
to the client, but I cannot find any documentation in that regard.

Anyone has any ideas?

Thanx in advance,
AlexC
Click to expand...

I could be wrong, but I understand that you cannot alter the security
level of a process once it has been started - it's by design. The only
way you'll get it to work is to:

a.) get the unelevated process to launch an elevated process and perform
those file operations in that process and then exit to the original
unelevated process
b.) elevate the currently unelevated process

Basically, as I understand it, you're not going to get an unelevated
process to be elevated once it's started.

D
 
David Hearn said:
a.) get the unelevated process to launch an elevated process and perform
those file operations in that process and then exit to the original
unelevated process
b.) elevate the currently unelevated process
Click to expand...

These are not relavent to my question. I'm not talking here about how to
design apps for Vista.
I'm talking about a piece of functionality of the normal NT/COM security -
impersonation, which should work as long as the client gives such right to
the server.
 
Alex said:
These are not relavent to my question. I'm not talking here about how to
design apps for Vista.
I'm talking about a piece of functionality of the normal NT/COM security -
impersonation, which should work as long as the client gives such right to
the server.
Click to expand...

Sorry, I was under the impression this app was running on Vista and
therefore constrained by Vista's more strict security policies.

David
 
Back
Top