获取错误和标准输出从提升的子进程 [英] Get error and standard output from an elevated child process

问题描述

我已经创建了启动两种类型的流程的流程处理：即升高与管理员用户名和密码，
另一个正常运行，没有任何用户名和密码输入
一。

I've created a process handler which starts two types of processes: One that is elevated with administrator username and password Another that runs normally without any username and password input.

我struggeling弄清楚如何从高架进程中取得的输出。这将启动过程中的应用，并不需要管理员凭据来运行，管理员凭据在一个单独的加密的XML文件，应用程序使用的脚本以及需要管理员凭据等地输入。

I'm struggeling to figure out how I can get output from the elevated process. The application which starts the process, does not require Admin credentials to run, the admin credentials are entered in a seperate encrypted xml file, which the application uses in scripts and other places where admin credentials are required.

由于应用程序与普通用户运行，访问这些应用程序已启动提升进程，似乎是出了问题。我可以启动一个过程，我可以很容易地检查它是否做了它是什么suppoused，但我不能读它为一个字符串或日志的操作。

Since the application is run with a normal user, accessing elevated processes which the application has started, seems to be out of the question. I can start a process and I can easily check if it has done what it is suppoused to, but I cannot read its action to a string or a log.

public bool CreateProcessWithAdminRights(string filePath, string commandlineArgument, bool log)
{
    if (!string.IsNullOrEmpty(filePath) && !string.IsNullOrEmpty(commandlineArgument) && _user.UserDataExsists())
    {
        var securePassword = GetSecureString(_user.Password);

        ToolsProvider.Logger.Debug("Creating process with the following filepath: {0} and commandline argument: {1}", filePath, commandlineArgument.Replace(_user.Password, "<REPLACED>"));
        ToolsProvider.Logger.Info("Creating Process with admin rights for {0} against {1}", _user.Name );

        _proc = new Process
        {
            StartInfo =
            {
                FileName = @filePath,
                Arguments = commandlineArgument,
                ErrorDialog = false,
                RedirectStandardInput = false,
                RedirectStandardOutput = _log,
                RedirectStandardError = _log,
                UseShellExecute = false,
                CreateNoWindow = true,
                WindowStyle = ProcessWindowStyle.Hidden,
                UserName = _user.Name,
                Password = securePassword,
                Domain = _user.Domain
            }
        };
        _proc.ErrorDataReceived += ErrorDataReceived;
        _proc.OutputDataReceived += OutputDataReceived;
        return true;
    }
    return false;
}

进程是使用启动：

The process is started using:

private bool StartProcess()
{
    if (_proc != null)
    {
        try
        {
            _proc.Start();
            _proc.BeginErrorReadLine();
            _proc.BeginOutputReadLine();
            _proc.WaitForExit();
            _proc.CancelOutputRead();
            _proc.CancelErrorRead();

            if (_standardOutput.Length > 2)
            {
                // use writeline, the builder itself will add the DEBUG / info tag
                ToolsProvider.Logger.WriteLine(_standardOutput.ToString());
            }

            if (_errorBuilder.Length > 2)
            {
                // use writeline, the builder itself will add the DEBUG / info tag
                ToolsProvider.Logger.WriteLine(_errorBuilder.ToString());
            }

            return true;
        }
        catch (Win32Exception ex)
        {
            ToolsProvider.Logger.Error(
                "Missing file while trying to run an action: " + _proc.StartInfo.FileName, ex.Message);
        }
    }
    ToolsProvider.Logger.Error("");
    return false;
}

我试着用冒领类以及与启动过程而不加入到过程中的管理凭证。冒领类没有做任何事情，但告诉我，我没有acccess，eventhough我是冒充管理员...

I've tried starting the process using an Impersonator class as well, with and without the admin credentials added to the process. The impersonator class didn't do anything but tell me that I didn't have acccess, eventhough I was impersonating an administrator ...

我得到了冒领类从这里

http://freshclickmedia.co.uk/2008/11/programmatic-impersonation-in-c/

所以，我怎么标准，ERROROUTPUT从提升的过程中，不升高的过程？

So, how do I get standard and erroroutput from an elevated process in a process which isn't elevated?

推荐答案

您不能除非黑客系统和/或利用一些bug和/或写一些内核级的代码（即驱动程序）来规避这些安全措施...

You can't except by hacking the system and/or exploiting some bug and/or writing some kernel-level code (i.e. driver) to circumvent these security measures...

只是想想这种可能性将意味着 - 海拔会变得毫无意义，因为总有那么一个系统中的一些提升进程可能有这些手段操纵......所以答案是NO ...

Just think about what this possibility would mean - elevation would become meaningless since there are always some elevated processes in a system which could be manipulated by such means... so the answer is NO...

您应该能够什么做的是输出重定向到一个文件（例如> C：\MyLog.txt ），后来阅读文件...

What you should be able to do is redirect the output to a file (for example > C:\MyLog.txt) and later on read that file...

想想不同的设计不需要这种访问...

Think about a different design which does not require this sort of access...

这篇关于获取错误和标准输出从提升的子进程的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！