lundi 30 mars 2015

Starting an application with the user privilege who is currently logged into Windows.

I have developed an update service for my main application in Qt. Update service(Actually a windows service) runs under Local System privilege. Once update service receives update patch(prepared by Inno Setup) from server, it starts the patch executable and patch performs two tasks:


1. First it installs the updates.

2. Then it starts a launcher which launches the main application.

Here is a picture how all applications are started:


Update Service --> Patch Executable --> Launcher --> Main Application

Patch executable inherits Local System privilege from Update Service and launcher inherits the same privilege from the patch executable. And Hence my main application is launched under Local System. But I want to launch my main application with the user privilege who is currently logged into Windows.


Here are few more things about the main application:


1. Installation of main application requires Administrator privilege.

2. Application can be started and used by any kind of windows user.

3. Updates can be installed from any user account(including non admin users).

Here is the code of launcher written in VC++. It tries to launch the calc.exe under user account who is currently logged into Windows System. But it fails, my main application is being launched under Local System. I am a Qt and Java developer by profession. So basically I have no idea of Windows development stuff. Please give me a pointer to correct the code or provide me any other idea by which I can achieve my task.



HANDLE accountToken = (HANDLE)WindowsIdentity::GetCurrent()->Token;
TCHAR cmd[512] = TEXT("calc.exe");
STARTUPINFO startup_info;
PROCESS_INFORMATION process_information;
LPVOID pEnvironment;
HANDLE hTokenDup = NULL;

ZeroMemory(&startup_info, sizeof(startup_info));
startup_info.cb = sizeof(startup_info);
ZeroMemory(&process_information, sizeof(process_information));
ZeroMemory(&pEnvironment, sizeof(pEnvironment));
CreateProcessAsUser(accountToken, NULL, cmd, NULL, NULL, FALSE, CREATE_NO_WINDOW, &pEnvironment, NULL, &startup_info, &process_information);

Aucun commentaire:

Enregistrer un commentaire