I am writing an app that starts a command line applications and processes this application’s output. For this I am using Xojo’s shell class.
I would like to be able to start the other application with admin privileges. When I start the other application the user should be asked for privilege escalation via the normal Windows UAC prompt.
There are three avenues I have tried so far:
Using VBS as documented here: Dealing with Windows security — Xojo documentation
This does not seem to work anymore. The vbs file is automatically deleted when I try to execute it - probably by windows defender.
Using the runas command in the command line.
But with runas Windows does not open the UAC prompt, but asks for the password inside the terminal.
You can’t do this with the Xojo shell because Windows doesn’t allow the input and output of an elevated process to communicate directly with a user-level process.
To see this:
Open 2 cmd.exe terminals - one as your user, and one as Administrator
Drag and drop a file from an Explorer window to both terminals
The user window will show the path to the file
The Administrator window will do nothing
If you use MBS plugins, Christian may have a solution for you.
You can set the security level for your app to administrator which will mean the shells created will also be at that level. See Windows 64-Bit advanced build settings.
Unfortunately, that results in the problem of not being able to drag and drop between the desktop and the app. If you don’t use that mechanism, then Wayne’s suggestion is the best solution.
I talked to Christian: If I understood him correctly, he has not implemented all necessary calls yet. And even than it is unclear if I could achieve what I want to achieve with ShellMBS.
Therefore I am concentrating on an approach using a helper service which runs with admin privileges.