使用Verb =“runas”的进程不会以Arguments中定义的凭据开头
[英]Process with Verb = “runas” does not start with the credentials defined in Arguments
问题描述
This 
这个
var psi = new ProcessStartInfo("cmd")
{
Verb = "runas",
UseShellExecute = true,
Arguments = "/user:domain\\username"
};
var ps = Process.Start(psi);
does not start the command line window with the given credentials nor asks for password. 不会使用给定的凭据启动命令行窗口,也不会要求输入密码。 I'd like to know how to use it properly. 我想知道如何正确使用它。
I was told, that one shouldn't use the StartInfo.UserName, Domain and Password method because it's not safe. 有人告诉我,不应该使用StartInfo.UserName,Domain和Password方法,因为它不安全。
1 个解决方案
解决方案1
0 2016-10-27 13:36:11
I wouldn't say that it is insecure to use such built in .NET functionality: Just don't save plaintext passwords in and you're good to go. 我不会说使用这种内置的.NET功能是不安全的:只是不要保存明文密码,你很高兴。 Just provide all the non-critical properties to your ProcessStartInfo just as .NET wants you to, and then promt the user for the password: 只需像.NET要的那样为ProcessStartInfo提供所有非关键属性,然后向用户提供密码:
var psi = new ProcessStartInfo("cmd")
{
UseShellExecute = true,
UserName = "username",
Domain = "domain"
};
SecureString password = new SecureString();
Console.WriteLine("Please type in the password for 'username':");
var readLine = Console.ReadLine(); // this should be masked in some way.. ;)
if (readLine != null)
{
foreach (var character in readLine)
{
password.AppendChar(character);
}
psi.Password = password;
}
var ps = Process.Start(psi);
However, as my comment states, you should mask the password-promt in some way. 但是,正如我的评论所述,您应该以某种方式掩盖密码提示。 see Password masking console application for an example on how to achieve this... 请参阅密码屏蔽控制台应用程序 ,了解如何实现此目的...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.