You will need to do what Internet Explorer (and Chrome) do. The browser tabs themselves are separate processes that run at the Low (mandatory) integrity level, but there is still a parent process at Medium.
The child processes communicate with the parent process, for example over named pipes, and ask the parent to take some action. Since the parent is Medium, it can run things at Medium.
Update. Here is an example showing how you cannot create a Medium integrity process from a Low integrity process:

```delphi
uses
  Windows, SysUtils;

type
  // Not declared in older Windows units; the field is "Label" in the SDK,
  // but Label is a reserved word in Pascal.
  TOKEN_MANDATORY_LABEL = record
    _Label: SID_AND_ATTRIBUTES;
  end;

const
  SE_GROUP_INTEGRITY  = $00000020;
  TokenIntegrityLevel = 25; // TOKEN_INFORMATION_CLASS value
  SLowIntegritySid    = 'S-1-16-4096';
  SMediumIntegritySid = 'S-1-16-8192';
  SHighIntegritySid   = 'S-1-16-12288';
  SSystemIntegritySid = 'S-1-16-16384';

// Not declared in older Windows units
function ConvertStringSidToSidW(StringSid: PWideChar; var Sid: PSID): BOOL; stdcall;
  external 'advapi32.dll' name 'ConvertStringSidToSidW';

{ Designing Applications to Run at a Low Integrity Level
  http://msdn.microsoft.com/en-us/library/bb625960.aspx }
function CreateLowProcess(const szProcessName: WideString; IntegritySid: WideString): Boolean;
var
  hToken, hNewToken: THandle;
  szCommandLine: WideString;
  pIntegritySid: PSID;
  TIL: TOKEN_MANDATORY_LABEL;
  ProcInfo: PROCESS_INFORMATION;
  startupInfo: TStartupInfoW;
begin
  // Default to Medium; from a Low caller this is exactly the case that fails
  if IntegritySid = '' then
    IntegritySid := SMediumIntegritySid;
  pIntegritySid := nil;
  szCommandLine := szProcessName; // CreateProcess may write into the command line buffer
  ZeroMemory(@startupInfo, SizeOf(startupInfo));
  startupInfo.cb := SizeOf(startupInfo);

  if not OpenProcessToken(GetCurrentProcess,
       TOKEN_DUPLICATE or TOKEN_ADJUST_DEFAULT or TOKEN_QUERY or TOKEN_ASSIGN_PRIMARY, hToken) then
    RaiseLastWin32Error;
  try
    if not DuplicateTokenEx(hToken, 0, nil, SecurityImpersonation, TokenPrimary, hNewToken) then
      RaiseLastWin32Error;
    try
      if not ConvertStringSidToSidW(PWideChar(IntegritySid), pIntegritySid) then
        RaiseLastWin32Error;
      try
        TIL._Label.Attributes := SE_GROUP_INTEGRITY;
        TIL._Label.Sid := pIntegritySid;
        // Set the integrity level of the duplicated token
        if not SetTokenInformation(hNewToken, TTokenInformationClass(TokenIntegrityLevel), @TIL,
             SizeOf(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)) then
          RaiseLastWin32Error;
        // Create the new process with the relabelled token
        Result := CreateProcessAsUserW(hNewToken,
          nil,                        // lpApplicationName
          PWideChar(szCommandLine),   // lpCommandLine
          nil,                        // lpProcessAttributes
          nil,                        // lpThreadAttributes
          False,                      // bInheritHandles
          0,                          // dwCreationFlags
          nil,                        // lpEnvironment
          nil,                        // lpCurrentDirectory
          startupInfo, ProcInfo);
        if Result then
        begin
          CloseHandle(ProcInfo.hThread);
          CloseHandle(ProcInfo.hProcess);
        end;
      finally
        LocalFree(HLOCAL(pIntegritySid));
      end;
    finally
      CloseHandle(hNewToken);
    end;
  finally
    CloseHandle(hToken);
  end;
end;
```
And I refuse to transcode the rest from Pascal to C#. It cannot be done in any case; that is the answer.
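As an added illustration of the broker pattern described above (not code from the original answer): the Medium-integrity parent has to create its named pipe with a Low mandatory label (SDDL `S:(ML;;NW;;;LW)`), since a Low child cannot open an object that carries the default Medium label; the pipe name and the two allowed request strings are assumptions for the example.

```delphi
uses
  Windows, SysUtils;

const
  SDDL_REVISION_1 = 1;
  // Mandatory label "Low, no-write-up": a Low client may open this pipe
  LowPipeLabelSddl: WideString = 'S:(ML;;NW;;;LW)';
  BrokerPipeName: WideString = '\\.\pipe\ExampleBroker'; // assumed pipe name

// Not declared in older Windows units
function ConvertStringSecurityDescriptorToSecurityDescriptorW(
  StringSecurityDescriptor: PWideChar; StringSDRevision: DWORD;
  var SecurityDescriptor: Pointer; SecurityDescriptorSize: PULONG): BOOL;
  stdcall; external 'advapi32.dll';

// Broker policy: the Low client only names an action, the Medium broker decides.
function IsAllowedRequest(const Request: AnsiString): Boolean;
begin
  Result := (Request = 'open-downloads') or (Request = 'print-page'); // assumed verbs
end;

// Medium broker: label the pipe Low, accept one request, answer it.
procedure ServeOneRequest; // call this from the Medium parent after starting the Low child
var
  SA: TSecurityAttributes;
  SD: Pointer;
  hPipe: THandle;
  Buf: array[0..255] of AnsiChar;
  Count: DWORD;
  Request, Reply: AnsiString;
begin
  if not ConvertStringSecurityDescriptorToSecurityDescriptorW(
       PWideChar(LowPipeLabelSddl), SDDL_REVISION_1, SD, nil) then
    RaiseLastWin32Error;
  try
    SA.nLength := SizeOf(SA); SA.lpSecurityDescriptor := SD; SA.bInheritHandle := False;
    hPipe := CreateNamedPipeW(PWideChar(BrokerPipeName), PIPE_ACCESS_DUPLEX,
      PIPE_TYPE_MESSAGE or PIPE_READMODE_MESSAGE or PIPE_WAIT, 1, SizeOf(Buf), SizeOf(Buf), 0, @SA);
    if hPipe = INVALID_HANDLE_VALUE then RaiseLastWin32Error;
    try
      if not ConnectNamedPipe(hPipe, nil) and (GetLastError <> ERROR_PIPE_CONNECTED) then
        RaiseLastWin32Error;
      if not ReadFile(hPipe, Buf, SizeOf(Buf), Count, nil) then RaiseLastWin32Error;
      SetString(Request, Buf, Count);
      if IsAllowedRequest(Request) then Reply := 'ok' else Reply := 'denied';
      WriteFile(hPipe, Reply[1], Length(Reply), Count, nil);
    finally CloseHandle(hPipe); end;
  finally LocalFree(HLOCAL(SD)); end;
end;
```

Without the Low label on the pipe, the Low child's CreateFile on the pipe fails with access denied, which is the same no-write-up rule that makes the CreateLowProcess example above fail when it tries to hand out a Medium token.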