In a java program I developed, I need to open a connection on port 21 (ftp), but Windows 7 by default blocks this port. I tried to add a rule in the firewall allowing the connection using Runtime.getRuntime (). Exec ("netsh ..."), but netsh needs admin permission. Is there a way in java to invoke a window requesting permission?
Admin permission to run netsh in java
0
asked by anonymous 12.05.2017 / 02:40
1 answer
2
Well, there are a few ways you can do this by what you meant by your question.
1 - Creating a Manifest
You need to create a manifest file that specifies that your application needs administration permissions. You can include this manifest within your exe or leave it separate from your file (yourapp.exe.manifest).
2- Runes
Runes allows a user to run specific tools and programs with different permissions than the current user logon provides.
There is a difference between being connected to an account that is part of the Administrators group and running (a) elevated or (b) as the built-in Administrator account.
Whenever you run as an Administrator, you are always elevated - by definition. Therefore, if you run / user: administrador this window will be raised when it opens, you will not receive a UAC prompt and the netsh command should be run.
But because the built-in Administrator account always runs at high levels and does not generate UAC runp prompts, it is a security risk, especially if you do not have a password. This is why Microsoft disables the administrator account by default and requires you to enable it first:
In Windows® 7, the integrated administrator account is disabled by default. In earlier versions of Windows, an administrator account was created automatically during Out-of-Box-Experience (OOBE) with a blank password.
An administrator account with a blank password is a security risk. To better protect your system, the built-in Administrator account is disabled by default on all clean installs and Windows 7 updates.
Because of this, you need to enable Admin mode by doing the following:
Altere as propriedades da conta de administrador usando a Console de Gerenciamento Microsoft (MMC) de Usuários e Grupos Locais.
1 - Abra o console do MMC e selecione Usuários e Grupos Locais.
2- Clique com o botão direito do mouse na conta Administrador e selecione Propriedades.
3 - A janela Propriedades do administrador é exibida.
4 - Na guia Geral, desmarque a caixa de seleção Conta desativada.
5 - Feche a consola MMC.
Also, be aware that runas does NOT allow you to pass arguments to the run program:
RUNAS :
RUNAS [ [/noprofile | /profile] [/env] [/savecred | /netonly] ]
/user:<UserName> program
RUNAS [ [/noprofile | /profile] [/env] [/savecred] ]
/smartcard [/user:<UserName>] program
RUNAS /trustlevel:<TrustLevel> program
Simple example
The following command starts an instance of the command prompt as an administrator on the local computer:
runas /user:<localmachinename>\administrator cmd
3 - Batch files
You can use a Windows program to elevate your privileges. The program will display the UAC prompt and then you will have administrator privileges.
You can then run for command like this:
Runtime.getRuntime (). Exec ("Elevate.exe yourcommand");
Extra information:
NOTE: If you have questions regarding the above topics, just ask.
21.05.2017 / 04:34