 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / Languages / Managed C++ / April 2006Generating an application manifest with a trust level section for an administrative application
Is there any way to coax the VC8 linker into generating an application manifest with a trust level section suitable for an administrative application? Or do I have to add this manually each time that I rebuild? Regards, George. Hi George, >Is there any way to coax the VC8 linker into >generating an application manifest with a trust >level section suitable for an administrative >application? Would you please provide more detailed information about this issue? How do you use the -tr option manually to generate the application manifest right now? Thanks for your understanding! Best regards, Gary Chang Microsoft Community Support ====================================================== PLEASE NOTE the newsgroup SECURE CODE and PASSWORD will be updated at 9:00 AM PST, February 14, 2006. Please complete a re-registration process by entering the secure code mmpng06 when prompted. Once you have entered the secure code mmpng06, you will be able to update your profile and access the partner newsgroups. ====================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from this issue. ====================================================== This posting is provided "AS IS" with no warranties, and confers no rights. ====================================================== Gary, Thanks for your reply. I am referring to setting the requestedExecutionLevel attribute. See the section on "Application Manifest Schema" in http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnlong/html/Acc ProtVista.asp. According to another MSDN article which I can't seem to find right now, this is an extension of the trust level section. The article is dated September 2005 but you must have known about it for some time internally. Surely you have given some thought to this by now. > Would you please provide more detailed information about this issue? How > do > you use the -tr option manually to generate the application manifest right > now? Frankly, that is not a very palatable option. It would be nice to find a simple example of an administrative application manifest that didn't contain a bunch of COM or .Net gobble-de-gook. Regards, George. To answer my own post (in part): > It would be nice to find a simple example of an administrative > application manifest that didn't contain a bunch of COM or .Net > gobble-de-gook. I pulled this off of somebody's blog (with corrected syntax): <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="true"/> </requestedPrivileges> </security> </trustInfo> </assembly> Regards, George. That's great, George! I am glad to know you found the solution. If you have any more concerns on it, please feel free to post here. Have a nice day! Best regards, Gary Chang Microsoft Community Support ====================================================== PLEASE NOTE the newsgroup SECURE CODE and PASSWORD will be updated at 9:00 AM PST, February 14, 2006. Please complete a re-registration process by entering the secure code mmpng06 when prompted. Once you have entered the secure code mmpng06, you will be able to update your profile and access the partner newsgroups. ====================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from this issue. ====================================================== This posting is provided "AS IS" with no warranties, and confers no rights. ====================================================== Gary, As I stated, my previous post only answered my question "in part." The unanswered part is how to get the linker to add this automatically so that I don't have to edit the manifests manually. Is there any way to get the linker to insert custom xml into the manifest? To update my previous post: > <requestedExecutionLevel level="requireAdministrator" uiAccess="true"/> < Omit "uiAccess="true"" for console admin applications. Substitute this line instead: <requestedExecutionLevel level="requireAdministrator"/> Regards, George. Sorry, Georgr, I missed your original point. :( >Is there any way to get the >linker to insert custom xml into the manifest? yes, you can merge your manifest into the application's manifest: 1. Open the project's Property Pages dialog. 2. Specify the manifest file you need to insert in the Configuraion Properties/Manifest Tool/Input and Output/Additional Manifest Files entry. 3. Click OK and Rebuild the project. Wish this helps! Best regards, Gary Chang Microsoft Community Support ====================================================== PLEASE NOTE the newsgroup SECURE CODE and PASSWORD will be updated at 9:00 AM PST, February 14, 2006. Please complete a re-registration process by entering the secure code mmpng06 when prompted. Once you have entered the secure code mmpng06, you will be able to update your profile and access the partner newsgroups. ====================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from this issue. ====================================================== This posting is provided "AS IS" with no warranties, and confers no rights. ====================================================== Gary, Well this procedure works well as far as the VC8 linker is concerned. However the output took down every system on which I tried to run the application with the merged manifest. This doesn't happen if I edit the manifests manually. This isn't really your problem (in this NG) but it certainly is a problem for someone at MS. Regards, George. > Sorry, Georgr, I missed your original point. :( > [quoted text clipped - 28 lines] > rights. > ====================================================== Thanks for understanding, George. I apologize for any inconvenience this may cause you, we will forward your feedback to our corresponding product team for review. Good Luck! Best regards, Gary Chang Microsoft Community Support ====================================================== PLEASE NOTE the newsgroup SECURE CODE and PASSWORD will be updated at 9:00 AM PST, February 14, 2006. Please complete a re-registration process by entering the secure code mmpng06 when prompted. Once you have entered the secure code mmpng06, you will be able to update your profile and access the partner newsgroups. ====================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from this issue. ====================================================== This posting is provided "AS IS" with no warranties, and confers no rights. ====================================================== > Thanks for understanding, George. > > I apologize for any inconvenience this may cause you, we will forward your > feedback to our corresponding product team for review. I want to confirm what George is seeing. If I include the manifest he posted in a .manifest file and let the manifest tool generate the resource, it causes a BSoD on XP systems. Sometimes, I have to run the app two or three times before it crashes, and sometimes the crash takes a few seconds to kick in, but it's consistent. Before I found this thread, I had narrowed it down to the <security> tag. It seemed that, no matter what I included in <security>, if it was present, the app would crash. However, the security section is necessary for UI automation applications in Windows Vista (http://windowssdk.msdn.microsoft.com/library/default.asp?url=/library/en-us/wpf_ conceptual/html/1d853695-973c-48ae-b382-4132ae702805.asp), so removing it is not an option. As a side note, the IDE doesn't understand the requestedPrivileges and requestedExecutionLevel tags. It generates a warning if they are present in the .manifest file. I did enter a bug against this in the MSDN product feedback center at http://lab.msdn.microsoft.com/ProductFeedback/viewFeedback.aspx?FeedbackID=FDBK48918 if anybody wants to validate/vote on it. To workaround this, you can either edit the resource directly after building, or do what I did: 1) Manually add a resource to the project of type RT_MANIFEST and ID of 1. 2) Paste the contents of the .manifest file into the resource. 3) Go to the project properties, go to the manifest tool's input/output section, and turn off the option to embed the manifest. Then, when you build, the resource will be properly formed, won't crash XP, and will allow UI automation in Vista (as long as you sign it), without having to remember to manually edit the resources after building.  SignatureTroy Troy, Sorry to see this is still a problem on XP systems. I guess someone will have to develop an exploit to get it fixed. :-) What I find particularly interesting is that vulnerable systems go down hard. They don't even genearate a crash dump. Regards, George. >> Thanks for understanding, George. >> [quoted text clipped - 41 lines] > and will allow UI automation in Vista (as long as you sign it), without > having to remember to manually edit the resources after building. > Troy, > > Sorry to see this is still a problem on XP systems. I guess someone will > have to develop an exploit to get it fixed. :-) What I find particularly > interesting is that vulnerable systems go down hard. They don't even > genearate a crash dump. Thanks to your post, I realized that it wasn't a problem in the manifest itself, like I first thought. The workaround isn't too bad, but it does mean that changes to the manifest are a two-step process, since you have to edit the XML file as well as the .RC. I suppose you could edit the resource directly, but it's much easier to work with XML than a hex dump. <g> I've never entered a bug through the MSDN product feedback, so I'm not sure if you can see it at http://lab.msdn.microsoft.com/ProductFeedback/viewFeedback.aspx?FeedbackID=FDBK48918. Maybe if enough people vote on it, it might get fixed. :) SignatureTroy
Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.