How can a .NET Framework desktop-application gain elevated privileges?

  .net-framework-4.8, visual-studio-2019, windows


The goal is to trigger the UAC dialog and allow the app to temporarily elevate privileges to perform activities that require admin access, but not require the entire application to run with elevated privileges.

Processes have fixed permissions, right?

If I remember right, the "process" model at the operating system level requires that a process finish with the same privileges it starts with (ie. cannot be changed).

So the only way to ‘elevate’ is to start a new process. No problem with that – the process can do what it needs to then terminate, with inter-process-communication as required. But what’s the ‘modern .NET way’ to get the process to start?

Does a declarative option still exist?

There are old articles ( eg. this C# Corner article for VS 2012 ) that discuss adding a declarative security condition in the app.manifest:

<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />

… however, I can’t follow the instructions in the article … adding an Application Manifest at all isn’t a thing in VS 2019, it seems.

Or is a programmatic option the only way?

I believe I could use a System.Diagnostics.ProcessStartInfo to specify .verb = "runas" to start the process. Is there a better alternative?

Source: Windows Questions