Is it possible to lower the privilege level when calling CoCreateInstance on Vista? | ansaurus

tags:

views:

272

answers:

1

Q:

Is it possible to lower the privilege level when calling CoCreateInstance on Vista?

Okay, I have a plugin for IE that when installed needs to (with the user's permission) restart IE.

To do this I have a DLL that is invoked by the installer. And it works, but the problem is that when IE is restarted on Vista, it is restarted with the administrator privileges of the installer, which is a problem for a number of reasons.

I'm using CoCreateInstance to start IE, so that I get an instance of the IWebBrowser2 interface in order to perform some actions on it.

So my question is, is it possible to call CoCreateInstance from an application that is running with Administrator privileges, in such a way that the resulting COM object instance inherits the base user privileges rather than the administrator privileges of the calling application?

A:

Okay, I found the solution from here:

http://social.msdn.microsoft.com/Forums/cs-CZ/ieextensiondevelopment/thread/78a2bc18-1920-4e58-af7e-48dbcebe7643

From my installer DLL I need to launch a new thread, and impersonate the current user on that thread, and then set a low integrity level, and create the COM instance with the CLSCTX_ENABLE_CLOAKING context.

Gerald 2009-08-20 09:13:17

Are you sure you can repost content from other sites here?

sharptooth 2009-08-20 09:21:18

I'd be careful trying to marshal the interface pointer back from that thread -- stubs are bound to the apartment they were created in, and when you call CoUninitialize(), the apartment is killed, and your IWebBrowser2 stub too. You probably need to keep the thread/apartment alive for as long as the interface pointer is used.

Kim Gräsman 2009-08-20 13:15:57

@sharptooth, good point, I deleted the content and just left the link to the other site.

Gerald 2009-08-20 19:35:19

related questions

Of Memory Management, Heap Corruption, and C++

How do I make a GUI?

Alpha blending sprites in Nintendo DS Homebrew

Thread safe lazy contruction of a singleton in C++

Interview Programming Questions - In house Exam

Link issues (VC6)

What are the barriers to understanding pointers and what can be done to overcome them?

Why are professors or schools picking Java over C++ to teach to students?

What is the best way to create a sparse array in C++

C/C++ library for reading MIDI signals from a USB MIDI device

How do you pack a visual studio c++ project for release?

How to set up unit testing for Visual Studio C++

How do I configure and communicate with a serial port?

Lightweight IDE for Linux

Mapping Stream data to data structures in C#

CPU throttling in C++

Asynchronous multi-direction server-client communication over the same open socket?

Exceptions in C++

Heap corruption under Win32; how to locate?

Build for Windows NT 4.0 using Visual Studio 2005?

C++: Should I use nested classes in this case?

BerkeleyDB Concurrency

GTK implementation of MessageBox

Is gettimeofday() guaranteed to be of microsecond resolution?

How to use the C socket API in C++ on z/OS