On 30/03/2022 15:11, Stephen Greenfield wrote:
> So my actual core application (the one that can't be compiled but must
> run as Administrator) is actually "sub-launched" from a launcher app
> that I CAN easily rebuild.
>
> If I give that modern 64-bit launcher proper admin permissions, and it
> launches the older 32-bit app, can it confer Admin permissions on the
> sub-launched app? Or perhaps combining installer-set UAC settings?
Yes, if the parent process is running as admin, then a child process
will also be launched as admin by default. It takes extra steps to
"switch". (It's also a lot easier to go from non-admin to admin than
the reverse.)
The more things that are running as admin, the more things that can be
attacked for security holes, though.
If you're only launching your other app from a launcher, then you can
still run your launcher non-elevated, but use ShellExecute("runas") to
launch the other app elevated. This mostly just changes the timing of
the UAC prompt.