是否可以禁用以管理员身份运行的应用程序,因为它只是以本地用户身份运行。
问问题
423 次
1 回答
5
我认为您不能阻止以管理员身份启动该过程;但是,您可以检查它是否以提升的权限执行,如果是,则退出。
static bool IsRunningWithElevatedPrivileges()
{
IntPtr hToken;
int sizeofTokenElevationType = Marshal.SizeOf(typeof(int));
IntPtr pElevationType =
Marshal.AllocHGlobal(sizeofTokenElevationType);
if (OpenProcessToken(GetCurrentProcess(), TokenQuery, out hToken))
{
uint dwSize;
if (GetTokenInformation(hToken,
TokenInformationClass.TokenElevationType, pElevationType,
(uint)sizeofTokenElevationType, out dwSize))
{
TokenElevationType elevationType = (TokenElevationType)Marshal.ReadInt32(pElevationType);
Marshal.FreeHGlobal(pElevationType);
switch (elevationType)
{
case TokenElevationType.TokenElevationTypeFull:
return true;
default:
//case TokenElevationType.TokenElevationTypeLimited:
//case TokenElevationType.TokenElevationTypeDefault:
return false;
}
}
}
return false;
}
[DllImport("kernel32.dll")]
static extern IntPtr GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool OpenProcessToken(
IntPtr processHandle,
uint desiredAccess,
out IntPtr tokenHandle);
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool GetTokenInformation(
IntPtr tokenHandle,
TokenInformationClass tokenInformationClass,
IntPtr tokenInformation,
uint tokenInformationLength,
out uint returnLength);
const UInt32 TokenQuery = 0x0008;
enum TokenElevationType
{
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
}
enum TokenInformationClass
{
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
}
于 2012-08-12T13:43:21.567 回答