How do you de-elevate privileges for a child process
I know how to launch a process with Admin privileges from a process using:
proc.StartInfo.UseShellExecute = true;
proc.StartInfo.Verb = "runas";
where proc is a System.Diagnostics.Process. But how does one do the opposite?
If the process you're in is already elevated, how do you launch the new process without admin privileges? More accurately, we need to launch the new process with the same permission level as Windows Explorer, so no change if UAC is disabled, but if UAC is enabled, but our process is running elevated, we need to perform a certain operation un-elevated because we're creating a virtual drive and if it's created with elevated permissions and Windows explorer is running unelevated it won't show up.
Feel free to change the title to something better, I couldn't come up with a good description.
Answer
The solution for you is to use EXPLORER.exe process.
The idea is to run the process in UN-ELEVATED mode, using windows's file explorer process explorer.exe (info).
Lets say the process that we want to launch is on $TEMP\MyUnElevatedProcess.exe.
So, for NSIS code, I will just write: (but can be run in ANY language)
Exec '"$WINDIR\explorer.exe" "$TEMP\MyUnElevatedProcess.exe"'
Example code (using NSIS installer)
Exec '"$WINDIR\explorer.exe" "$TEMP\MyUnElevatedProcess.exe"'
***code taken from http://mdb-blog.blogspot.com/2013/01/nsis-lunch-program-as-user-from-uac.html