September 5th, 2018

How do I request that my out-of-process COM server run unelevated?

By default, if an elevated process creates an out-of-process COM server, that COM server also runs elevated. The Activate as Activator policy runs the COM server with the same identity as the caller. When applied to an elevated caller, it means that client gets an elevated server running with the same identity.

To force the out-of-process COM server to run unelevated, set the RunAs value under the AppID key as follows:

[HKEY_LOCAL_MACHINE\Software\Classes\AppID\{guid}]
  RunAs="Interactive User"

This causes the server to activate as the currently logged-in user for the session, even if the activator is running elevated.

Be aware that the currently logged-in user may, nevertheless, be elevated if UAC is disabled, so this is not a guaranteed way to get a non-elevated server. Still, if UAC is disabled, then there is no such thing as an unelevated administrator, so the thing you’re asking for doesn’t exist in the first place.

Bonus reading: The RunAs value.

Topics
Code

Author

Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.

0 comments

Discussion are closed.