Many people hate the control of user accounts, why my computer should ask me if I am sure?. Windows must gradually implement the differentiation of normal user on the Admin user and if you want to learn an easy way to view [i] [/i] lizar your applications, I invite you to read this document and start being part of the solution and not the problem
The code for this article is C#. The original environment used for its development is the C# 2008 Express version, which is available free of charge for its download on Microsoft's site.
We all have clear Windows drag years of bad practices, in effect criticism better known by more advanced users is that a differentiation there is between users and administrators. This situation allows any user with little experience or only by a small mistake to finish installing some type of malware, spyware, or one of those tonteras.
For a user of Unix and thus of Mac and Linux, would be a great irresponsibility to work using the "root" account, however for the majority of Windows users this is a daily practice.
If we consider that even the ancient environments of development of applications for Windows, including Microsoft products needed to run with the privileges of the administrator group, you can then begin to presage the origin of the whole problem.
But the truth is that I do not come to talk about the problem, or how wrong we were. With difficulty and view rejection has tried to impose a new security scheme, clean, and our task is (when you need it) provide the best user experience ever, from the point of view of application developers. So my idea is to show in a simple way and which is not a great effort, how to integrate our applications to the world of Windows Vista in a transparent way.
How does the user, or UAC account control work?
In its simplest form, the user account control has a flow ranging from a user with limited permissions, where the special SYSTEM user displays an alert 'protected' on another desktop. When the alert is satisfactory, is activated the "administrative" task in which now the owner is the user with administrator privileges.
By default, the same desk that I showed in the document about The problem of the composer and the secure desktop It is used as transition "safe" because no other application can directly interact with the desktop (to less than belong to SYSTEM), it captures the current screen and darkens to use UAC warnings background, so the transition is less detectable.
Our task is as simple as creating that transition between the application without privileges and administrative "actions". More dirty how to achieve this, without actually doing anything, is to require administrative privileges, as do some applications (the last one I can remember is Corel VideoStudio X 2, update Ulead VideoStudio 11, which curiously did not require these privileges).
To get this dirty "solution", we can attach a manifesto (a manifest is an XML document attached and embedded to an executable file that you can define certain characteristics of it) to define this requirement to the application, in the following way:
On the part of the user, it is possible to define this requirement as part of the application compatibility properties, to achieve the same effect:
Our objective is to generate a better solution than this.
Do not consider the presence of user account control, or even the absence of the administrator permissions (as in a Windows XP limited account) If you can adapt your application takes a bit of work. Practices dirty how to write temporary files to the root of the disk, registry and other sections may further hinder the task.
To get started, the application that will be my patient for the adaptation process will be a personal application which develop some time ago, application that was posted in the article on errors and curiosities of Windows Vista. This application allows you to change the evaluation of performance that makes Windows Vista to your team, almost by way of mockery of the same evaluation. The preliminary version of this application looks in the following way:
Of course, in my early days with Windows Vista remove control of user accounts, persistent by my memories of philosophy exists in Windows XP, where how mere mortals are constantly gods for the system. Gods that, unusually, can make clumsy mistakes.
So the application to modify the performance evaluation, needed to start with administrator privileges to function properly, even if only needed these privileges at the time of storing the evaluation.
Read the evaluation of the performance of Windows Vista
Performance logs are stored in the directory "WindowsPerformanceWinSATDataStore" of the hard disk that contains the operating system installation. The names of these files have the particularity to contain "Assessment" and "WinSAT.xml" but internally may contain the date and time of the data capture. This variability of the name leads us to create a code that dynamically locate the last of these files in the system directory:
If the user has never held a performance assessment (although it is virtually impossible since Windows performs one as part of the initial configuration), or any other problem happens, it returns an empty string.
As the file is a smart XML, just traverse the tree in search of the data we are looking for:
In this way we have already obtained all the current rates of performance.
Writing performance evaluation modified
Write the new values to the XML is a process similar to the reading. In fact, it is almost the same code. The only difference that in this case "lastWinSatFile" is the last file recovered by "FindLastWinSat":
And that's it. The development of the program would come here if we assume in that will be always executed with administrative privileges, but this time, it is not the idea.
Raising our actions
To raise the action of saving, I will use a little trick. First I'll try normally save data in XML, as I explained in the previous section:
Then, if we can save the settings, everything follows naturally. If we do not achieve our goal, we will call "RestartElevated". That function is not more than:
We never even got to the crucial point, for the moment the only thing that we have generated is a chain of arguments, string that we will use to call the new process (the high). Now let's see how we launched the new process:
Now we have finally created a process "p", which retains our execution until it ends or as it takes considerable time, defined in the application configuration. This process gets its information from the following function (which finally reveal the secret of the "mysterious" elevation of privilege):
Not mentiré them, although it may seem very easy... This is it!, the only thing I did is to put "runes" and set P:System.Diagnostics.ProcessStartInfo.UseShellExecute. Let's see some code details.
First, "verb". "In my paper on"Full control over the context menu"I teach the mysteries about the commands and options in the context menu of Windows, each command for Windows is a"verb". For example, a Word document has actions like "New", "Open", "Print" when you click secondary. These actions are internally the existing "verbs" under the "HKCR.docshell" branch, named as "New", "Open", "Print" (in reality, the commands are under the branch related to the extension, on the master type, i.e.: "HKCRWord.Document.Vshell", where V is the version of the file type).
What set as "runes" of the executable file, then, is to use the command run as administrator which executable files are default, in the Windows context menu.
We have subsequently P:System.Diagnostics.ProcessStartInfo.UseShellExecute. This is a requirement of "inheritance" of the process. Being a process without administrative privileges, it is not proper nor possible to launch a new process that has administrator privileges directly. Thus, we ask Windows make it, which manage the creation of the new process.
Let's recap the situation:
If I can not save the data, I call myself with a few arguments showing me what should I do when has the powerso don't forget to my homework and start normally.
There is one additional detail. This time, I do not need to show a dialog or a high message, so I don't really as my two applications are interacting, which carries out the actions with administrator privileges and that flame, with limited privileges. What if what we want is to really call a new high window?, most exemplified:
In the image, to change the time is called a high dialogue. This new dialogue has administrative permissions but works as a modal form to the first. This can be done easily by adding the following to the beginning of the process information:
I have the power, but I get precise instructions
The title, is that the process must be done now. Receive instructions from the line is not rather than quickly process them:
The following events occur in the application's "Main". In effect:
The main form's constructor will process the instructions contained in the arguments. In this way the process will be completely silent when it has only been called with explicit instructions.
And so, the constructor of the form main only thing it does is receive the arguments as if they were the values of bars of scores and applies them.
Ending with a touch of aesthetic
As button to save the changes is the only one that requires elevation of privilege, it should then be highlighted. The standard proposed by Microsoft is constantly used in the latest version of Windows:
Where does that shield?
A dirty way to add the distinctive coat of arms would be creating an icon and by attaching it to the button. However, practices and make a development little maintainable and dependent (for example if you alter the shield, if the application is running on one older version of Windows, including Windows 7).
Now, where is that shield?
There are many possibilities. Already knowing the system is easy to predict that being part of the user interface it is likely you are in any of the libraries of System32as Shell32.dll, User32.dll and Comctl32.dll, among others that everyone must know.
Investigating for a few minutes with a resource editor, I discover that it is User32.dll, on this occasion, who has our treasure:
Thus, the User32.dll library is which provides us the ability to deploy a shield on a button of the application interface component. Moreover, this hypothesis is faithfully supported by the Microsoft Knowledge Base.
We must then declare the library and its point of entry into our code C# (in a manner very similar to that we would do so in VB):
The call, then, is as follows, being "buttonSave" called button to perform actions with elevated privileges:
Why's that code?
The first section, on "FlatStyle" is imperative. To the set it to "System" We have to pass the work of drawing the control directly to the operating system. This way, the alignment of the text and the image of the control can be established by the operating system.
Then there is the call to the User32 library. As you enter the MSDN documentation, the call should be follows:
With these data, the definition is simple. A message is sent to the button with its identifier "handle", the message says BCM_SETSHIELD (160 c in hexadecimal). The following parameters are fixed, the first (wParam) is always zero, and the second (lParam) is true (the maximum value FFFFFFFF, in hexadecimal) for when we want to establish the shield in the control to which we refer.
Source code and binaries
The new version, apart from the new features, is localized into English. This location means that as taught in the next articlethe application will look completely translated into English when required. By default it will show the interface in Spanish language.
The source code is written in C#, the solution is to format for version Express Visual Studio 2008 C#.
Installation is not required, simply download the executable binaries and double click the executable main:
Although the process of adapting the applications for Vista UAC, and surely the future Windows, involves additional work, the results are remarkable. Cleaning applications shimmer naturally in your environment is more than a simple upgrade.
Integrations at this level produce a greater sense of security and a better user experience, administrative actions should be raised and not the application in general. Similarly, applications continue to operate perfectly in environments in which all rights management (e.g. with the disabled user account control) are available.
However, this solution can become tedious if the requirements are different, for example a configuration with many options panel, where should adapt the application to address the problem in a different way.