You are currently offline, waiting for your internet to reconnect

How to create a low-integrity process in Visual C++, in Visual C#, and in Visual Basic.NET

INTRODUCTION
This article describes an All-In-One Code Framework sample that is available for download. This code sample demonstrates how to start an application process at a low integrity level in Visual C++, Visual C#, and in Visual Basic .NET.

By default, a child process inherits the integrity level from its parent process. To start a low integrity level process from a medium integrity level process, you have to explicitly start the new process at a low integrity level.

Difficulty level

Download information

To download this code sample, click the following link:

    


Technical overview

The code sample demonstrates how to start a process at low integrity level. The sample application launches itself at the low integrity level when you click the Launch myself at low integrity level button on the application.

Launch my self at low integrity level

Low integrity level process can only writes to low integrity level location, such as the %USERPROFILE%\AppData\LocalLow folder or the HKEY_CURRENT_USER\Software\AppDataLow key.

If you try to gain write access to objects at a higher integrity level, you will receive an access denied error even though the user's SID is granted write access in the discretionary access control list (DACL).

Access Denied

By default, child process inherits the integrity level from its parent process. To start a low integrity level process, you must start a new child process with a low integrity level access token by using CreateProcessAsUser function. Please refer to the CreateLowIntegrityProcess function in the sample packages for more information.

NoteFor more information about how to create the sample application and how to deploy the sample application, see the Readme.txt file that is included in the download package.

Technology category

  • Security

Languages

This code sample contains the following programming languages:

LanguageProject Name
Visual C++CppCreateLowIntegrityProcess
Visual C#CSCreateLowIntegrityProcess
Visual Basic.NETVBCreateLowIntegrityProcess

Prerequisites

  • You must run this sample on Windows Vista or newer operating systems.

Tags

  • Security, UAC, Integrity Level

MORE INFORMATION

What is All-In-One Code Framework?

All-In-One Code Framework shows most Microsoft development techniques by using code samples in different programming languages. Each example is carefully selected, composed, and documented to show one common code scenario. For more information about All-In-One Code Framework, visit the following Web site:


How to find more All-In-One Code Framework samples

To find more All-In-One Code Framework samples, you can simply click the following link:



Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.
Properties

Article ID: 2278183 - Last Review: 08/12/2010 07:22:00 - Revision: 2.0

Microsoft Visual Studio 2008 Service Pack 1

  • kbinfo kbcodefx kbnomt atdownload kbrapidpub kbsurveynew KB2278183
Feedback
ft.com/c.gif?DI=4050&did=1&t=">rClickTracking = 1; var varCustomerTracking = 1; var Route = "76500"; var Ctrl = ""; document.write("