C++: Communication with elevated child process on

2019-05-10 13:50发布

问题:

I'm having the following setup: The DLL I'm writing is loaded dynamically at runtime and offers some API-like functionality to the host application. The host application is not running with admin rights (and therefor my DLL isn't either).

Some tasks my DLL needs to fulfill need admin rights though, specifically I have to save and copy files to the program files folder.

My current approach is to launch external applications via ShellExecute and the "runas" verb, which triggers the UAC prompt. This especially means that multiple subsequent actions triggered by the user will always result in an additional UAC prompt, which could be pretty annoying.

So the idea would be to launch a separate, elevated process once, which then runs in the background and receives the respective commands and executes them. This brings me to my question: Which methods of communication are even possible between an unelevated process and its elevated child process? Access to stdin seems to be forbidden due to obvious security reasons, but what about named pipes or shared memory? Do the same restrictions apply?