| View previous topic :: View next topic |
| Author |
Message |
tinaa
Joined: 25 Nov 2004
Posts: 57
|
 Posted: Tue Mar 10, 2009 4:33 am Post subject: Elevated Permissions in AutoHotkey and the Run command |
 |
|
I've got an Autohotkey script setup to run at login on a Windows Vista machine (now actually running Windows 7 beta). Initially I just put it in the startup folder but found that various hotkeys won't work when the active window has elevated permission (eg. devicemanager, task scheduler, other control panel windows that require UAC elevation).
So I used the trick of launching the script from the task scheduler, set to launch at login using the elevated permission option.
This does allow the script to run regardless of the permission level of the active window, presumably because the script itself is now running with elevated permission.
However, the script also has several hotkeys that launch other applications using the run command (either applications, or opening folders with "explorer path").
Does this mean that when launched from the hotkey, those applications will inherit the scripts elevated permissions or will they launch with normal user permissions? If the former, is there any way to specify for the run command to use a lower permissions setting? Or should I be splitting this up into 2 scripts, one just for those that require elevated permissions to work within all windows, and putting everything else in a second script run from the startup folder?
Thanks. |
|
| Back to top |
|
 |
Guest
|
| Posted: Tue Mar 10, 2009 4:43 am Post subject: |
|
|
disable UAC
google for how to do it
alternatively, you can decide the permission level while compiling scripts
for that use this compiler |
|
| Back to top |
|
|
tinaa
Joined: 25 Nov 2004
Posts: 57
|
| Posted: Tue Mar 10, 2009 10:57 am Post subject: |
|
|
| Anonymous wrote: | disable UAC
google for how to do it
alternatively, you can decide the permission level while compiling scripts
for that use this compiler |
I have no interest in disabling UAC as I feel it's a useful security feature and I can load scripts without prompts using the task scheduler. I'm just trying to understand how permission inheritance works when launching apps from within a script.
thanks. |
|
| Back to top |
|
|
tank
Joined: 21 Dec 2007
Posts: 3700
Location: Louisville KY USA
|
| Posted: Tue Mar 10, 2009 8:18 pm Post subject: |
|
|
while UAC is nice you can set certain programs to run with elevated rights
http://www.autohotkey.com/forum/viewtopic.php?t=39479
_________________
We are troubled on every side‚ yet not distressed; we are perplexed‚
but not in despair; Persecuted‚ but not forsaken; cast down‚ but not destroyed; |
|
| Back to top |
|
|
Maniaxx
Joined: 18 Aug 2009
Posts: 7
|
| Posted: Wed Aug 19, 2009 5:43 pm Post subject: |
|
|
How did you manage to start your scripts properly by scheduler? Whenever i start it (in scheduler) it just sits in the taskmanager and doesn't work. There's also no systray icon. What's the trick? Can you give some details? That would really help a lot.
I'm using the gui version of the win7 scheduler. My script is just a simple one:
| Code: | | MButton::WinClose A |
It closes the active window with 3rd mouse button but it doesn't work on high privileged windows so i want to try the scheduler method as well.
Edit: I have to check 'only start if user is logged on'. Now it starts properly but there are still immune windows i can't close. Currently i'm testing it with 'firewall control'. Any ideas? |
|
| Back to top |
|
|
engunneer
Joined: 30 Aug 2005
Posts: 8255
Location: Maywood, IL
|
| Posted: Wed Aug 19, 2009 9:21 pm Post subject: |
|
|
I suspect it does inherit the permissions from the script that started it. Easy way to test: have it call a script that writes a file in the windows or program files folders. Then run that same script as a normal user.
The runAs option (or command, i can't check which) should let you run another script with lower permissions. For security, you might want to make a user specially for this.
_________________
 (Common Answers) |
|
| Back to top |
|
|
Maniaxx
Joined: 18 Aug 2009
Posts: 7
|
| Posted: Wed Aug 19, 2009 9:45 pm Post subject: |
|
|
| engunneer wrote: | | I suspect it does inherit the permissions from the script that started it. |
I can't follow... there is now previous script invoking this one.
AHK is started in admin user context and this extra flag (in scheduler) 'start with highest privileges'. Trying to start it as LOCAL SERVICE or SYSTEM doesn't work. Not sure if this would be the solution. Its not possible this way.
Edit: Never mind... |
|
| Back to top |
|
|
Guest
|
| Posted: Wed Aug 19, 2009 10:49 pm Post subject: |
|
|
| What is nice about UAC? |
|
| Back to top |
|
|
engunneer
Joined: 30 Aug 2005
Posts: 8255
Location: Maywood, IL
|
| Posted: Thu Aug 20, 2009 6:37 am Post subject: |
|
|
I was refering to | Quote: | | However, the script also has several hotkeys that launch other applications using the run command (either applications, or opening folders with "explorer path"). |
I suspect that the applications started by your script inherit the script's permissions.
_________________
(Common Answers) |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
