Signed and RequireAdministrator manifested executable being run from temp folder?

Posted by Ian Boyd on Stack Overflow See other posts from Stack Overflow or by Ian Boyd
Published on 2010-05-13T13:48:25Z Indexed on 2010/05/13 13:54 UTC
Read the original article Hit count: 271

Filed under:

Windows

|

appcompat

|

elevation

|

uac

i manifested my executable as require administrator:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 

    <!-- Disable Windows Vista UAC compatability heuristics -->
    <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
        <security>
            <requestedPrivileges>
                <requestedExecutionLevel level="requireAdministrator"/>
            </requestedPrivileges>
        </security>
    </trustInfo> 
</assembly>

And then i digitally signed it.

But then when i run the executable i noticed something odd: the name of the executable on the Consent dialog changed from PingWarning.exe to pinxxxx.tmp; as though a temp copy was made, and that is being run:

alt text

i dug out Process Montior, to see if anyone is creating a *.tmp file when i launch my executable, and there is:

alt text

The Application Information service inside this particular svchost container is intentionally copying my executable to the Windows temp folder, and asking for user "Consent" from there; giving an invalid filename.

Once consent has been granted, the executable is run from its original location: link text

The file is not copied to the temp folder if i do not digitally sign it:

alt text

So my problem is the invalid filename appearing on the consent dialog when i digitally sign my executable which has been manifested as requireAdministrator.

What do?

© Stack Overflow or respective owner

Related posts about Windows

Server 2012 DFS New Member Issue

as seen on Server Fault - Search for 'Server Fault'
I am trying to add a new member to our DFS topology. We have 3 DCs (VMs - VMware) running Windows server 2012, two servers are located in or Primary site and the third at our DR site. Currently the two servers at our primary site are currently replicating DFS (full mesh) and are working fine. I have… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
Microsoft Management Console stops working when I add snap-in to it

as seen on Super User - Search for 'Super User'
I have Windows 7 Ultimate OS. I'm opening mmc.exe as administrator and trying add Certificates or any other snap-in, then while loading that snap-in MMC breaks and displays following message and after that it closes automatically once I click on close button on that message. What could be the problem… >>> More
Handling keyboard and mouse input (Win API)

as seen on Game Development - Search for 'Game Development'
There is a number of ways to catch mouse or keyboard under Windows. So I tried some of them, but every of them has some advantages and drawbacks. I want to ask you: Which method do use? I've tried these: WM_KEYDOWN/WM_KEYUP - Main disadvantage is that, I can't distinguish between left and right-handed… >>> More

Related posts about appcompat

Application Compatibility Clients do not show in MSSQL database, but do show in \AppCompat\

as seen on Server Fault - Search for 'Server Fault'
Application Compatibility Clients are not denied access to the central MSSQL database, but are able to leave their own files in the \AppCompat\ share. The only computer that shows up in the "Microsoft Application Compatibility Manager" database is the the machine i initially created the .MSI installer… >>> More
Where are the Microsoft downloaded app compat updates stored?

as seen on Server Fault - Search for 'Server Fault'
Where are the Microsoft application compatibility update settings stored on a Windows XP, Windows Vista, and Windows 7 computer? Microsoft periodically release application compatibility updates (e.g. KB929427), where they list the shims that should be applied to a program in order to workaround known… >>> More
Why do my Application Compatibility Toolkit Data Collectors fail to write to my ACT Log Share?

as seen on Server Fault - Search for 'Server Fault'
I am trying to get the Microsoft Application Compatibility Toolkit 5.6 (version 5.6.7320.0) to work, but I cannot get the Data Collectors to write to the ACT Log Share. The configuration is as follows. Machine: ACT-Server Domain: mydomain.example.com OS: Windows 7 Enterprise 64-bit Edition Windows… >>> More
UACCEEventLog 301 Filling Event Logs

as seen on Server Fault - Search for 'Server Fault'
After pushing out clients for the MS Application Compatibility Toolkit on our domain via GPO, UACCEEventLog 301 occurs a few times per second in the event log. Several Thousand per hour. One test i need to do is logon with Administrator to see if these events go away while Admin, but of course that… >>> More
Signed and RequireAdministrator manifested executable being run from temp folder?

as seen on Stack Overflow - Search for 'Stack Overflow'
i manifested my executable as require administrator: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">  <trustInfo xmlns="urn:schemas-microsoft-com:asm… >>> More