TW200928747A - Method for avoiding user account control and computer accessible storage media to store program thereof - Google Patents

Abstract

A method for avoiding user account control (UAC) is provided. A service program (SP) is provided in a system. A UAC Authorization Prompt UI is appeared only when the SP is installed into the system. An application program (AP) will not transmit an operating command to the function program (FP), but transmit request information to the SP in accordance with the protocol of the system when the AP proceeds an operation needed the Administrator's authority. The SP transmits the operating command for the FP in accordance with the request information. In the UAC mode, transmitting the request information to the FP from the SP will not trigger the UAC. Therefore, the UAC Authorization Prompt UI is not appeared.

Description

200928747 L/J87twf.doc/n IX. Description of the Invention: [Technical Field] The present invention relates to a computer software, and in particular to a user account control (UAC) in a avoidance operating system The method. ’ [Prior Art] Ο For information security considerations, the operating system may have various security mechanisms. For example, Microsoft (10)cro read) the Vista Windows 2 system issued by the company for the sake of security, set the user account control user account control is in the state, all need to manage will appear in the query window for _ use For example, '圏1 is a description of the traditional "user account to the second general" user will perform some special tasks by executing the application (in step su, the system "user a application" Execute each action (step 1) paste this program (4) the action executed ^ right, S13G judgment result is 'S140 to continue to execute the application limit' then step the application execution _ is riding The result is 'system setting, installation software, shutdown'; the business (such as the change control mechanism) will be paved, etc.) 'user account user confirmation sentence, /俨 right / μ current inquiry window (step S150) In order to make this inquiry window appear, make _ method: 仃 _ _ ' until the producer responds __,. _ fafa 5 200928747

"U〇V/. J ^^87twf.doc/n in step s_巾' the user can select the window through this query (to perform the step to continue executing the application), or select step S170 to stop execution Application) SHO, then it should be difficult to finish the specific work. Although "user account control" can effectively eliminate some of the same, it also enhances the secret security, but still causes many users No = Some users will go to the "Enable = Home Control" function if they are uncomfortable. Of course: and the indiscriminate closure of the "use control" feature often creates security problems. SUMMARY OF THE INVENTION In order to solve the above problem, the present invention proposes a method for controlling user CGntlOl, UAC. First of all, the job ‘ Ιϊ 此 this operating system has user account control, system’ and the service program has the administrator authority of (4). The information should be sent to the service program. According to the demand information, the service program issues # instructions to the function program. The invention provides another kind of computer that can read the domain and use the brain program. The computer program is used to carry people into the computer system and causes the private system to perform the above method of avoiding user account control. In the month of the installation of the service program to the system, "user" i wants == window (review screen). When the application wants to perform a job, the application is based on the system's & transfer required information to the aforementioned service program. According to the above requirements, the Bayes 5' service program will replace the application transfer operation instructions to the function program 200928747 ^387twf.doc/n. Therefore, the service program transmits the operation command 仏;::r control", will, the preferred embodiment, and cooperate with the second point; the following: the text [embodiment] A person skilled in the art can refer to the following examples ^ The following embodiments can also be implemented in the form of a computer program, and the JI can use the computer to read the storage medium to store the computer program, and the computer line avoids the user account control method. Lu * This embodiment will use the Vi Gaming window operating system issued by Microsoft as an application example. % is called the window operating system. For the sake of security, the mechanism of "user account control" is set. In the state where "User User Control" is enabled, all programs/operations that require administrator authority to execute will be displayed in the inquiry window to ask if the execution is to be continued. In order to avoid triggering the "user account control" mechanism frequently, and also hope not to turn off the security protection mechanism of the "user account control", the embodiment of the present invention will be described with reference to FIG. 2 is a diagram illustrating a method of avoiding "user account control" in accordance with an embodiment of the present invention. This method establishes/provides a service program in the environment of the Vista window operating system (step S210), and the service program has the administrator authority of the Vlsta window operating system. The "User Account Control" inquiry window (authentication page) appears when the service program is installed on the system. 7 200928747 V t VOX/ / . X ττ ^-v-/ 87twf.doc/n Since this service program can be pre-installed into the product system by the manufacturer before the product is sold, the user will not encounter the above inquiry. Windows. In the present embodiment, a job/function (such as changing system settings, installing software, or turning off a specific device) that requires administrator authority is separated from the application and becomes a "functional program". This function can be implemented in any way, and its possible implementation includes the "Dynamic Lmk Library" (DLL). When the application wants to perform an operation requiring administrator rights, the application does not transmit the operation command to the function program, but transmits the demand information to the service program according to the system's default communication protocol (step S22〇). ). Based on the above demand information, the service program will send an operation instruction to the application S230 instead of the application. Under the "user account" of the (10) Windows operating system, the service program with administrator authority transmits an operation command to the function mode, which does not trigger "user account control". Therefore, the User Account Control inquiry window will not appear. The embodiments of the present invention are not limited to the description of the above embodiments. Figure 3 ❹ {According to the present invention, the information flow of each program of the ship is implemented. 4 is a diagram illustrating another method of avoiding "user account control" in accordance with an embodiment of the present invention. Wherein the part of FIG. 4 can be implemented with reference to the related description of FIG. 2, the same parts will not be described herein. Referring to FIG. 3 and FIG. 4 simultaneously, the service program 330 is provided in step S210. In general, the user will perform certain tasks (steps just) by executing the application. In the application process of the application program, the "user account control" mechanism checks every 8 200928747 87twf.d 〇 c / n actions of the application 3 〇 (step S42 〇). In the present embodiment, the tasks/functions (such as changing system settings, installing software, or turning off specific devices) that are required by the administrator have been separated from the application 310 into a "functional program" 340. Therefore, the result of the determination in step S43 is that the action performed by the application 31 does not require the administrator authority, and then the step S220 is performed to continue the execution of the application. In step S220, the application 310 transmits the demand information to the service program 330 according to the system-defined communication protocol. Here, step S220 can include: creating a named pipe (Named Pipe) 320 between the application 310 and the service program 330; and transmitting the demand information to the service program 33 via the named pipe 32. The above "requirements information" may include the path of the function program 340, the function name of the round function (Export Function Name), and/or the argument for the function (Argument for func). In addition, the communication protocol between the application program 31 and the service program 33 is not limited to the above, and it can also be implemented by using domain socket, memory mapping, and the like. Next, in step S23〇', based on the above demand information, the service program 330 will issue an operation command to the function program 34〇 instead of the application 31. The function program 34 executes the operation command in step S440. The function program 34 is called through the service program 330, so that the function program 34 is executed to complete a predetermined job/function (such as changing system settings, installing software, or turning off a specific device, etc.). In the "user account control" mode of the Vista window operating system, the service program 330 having the administrator authority transmits an operation command to the function program 340, which does not trigger "user account control". Therefore, the "User Account Control" inquiry window will not appear. 9 200928747 i87twf.doc/n You: ^70 After step S44G, the power line type 34G may follow the operation and return the execution result to the service program 330 (step S450). = After the service program executes the result, the job is passed back to the application 310 via the s channel 320. In summary, in this embodiment, only when the service program is installed, the inquiry window (authentication page) of "user account control" appears. After ς2, the service program 33〇1 is in the resident system and no longer needs to use the program 31. It wants to perform an operation requiring administrator authority. ‘This transfer type 31G is transmitted according to the secret agreement.

St. 330. Based on the above demand information, the service program 33 transmits the operation command to the function program 340 in response to the secret mode 31G. Since the instruction 310 transfers the operation command to the function program 34, it does not trigger the "make ΪΪ"", so the user account control will not appear. This embodiment can prevent the normal security operation from being avoided. "Usage Control: Interference" does not need to be turned off "User Accounts. Although the present invention has been described in terms of a preferred embodiment, any of the technical fields in the art can be deviated from the spirit of the present invention. Scope is attached to the application: ^ [Simplified description of the schema] Figure 1 is a diagram illustrating the traditional "user account control" mechanism. 200928747 --------- One 387 twf.doc/n "User Account Figure 2 is a diagram illustrating a method of avoiding control" in accordance with an embodiment of the present invention. 3 is a diagram showing the flow of information between programs in accordance with an embodiment of the present invention. Figure 4 is a diagram illustrating another method of avoiding two account controls in accordance with an embodiment of the present invention.义 [Main component symbol description] 31〇: Application 32〇: named pipe 330 • Service program 34〇: function program S110~S170: mechanism of traditional “user account control” 2: method sir embodiment description Open "users' use == embodiment to explain another kind of avoidance"

Claims (1)

200928747 »387twf.d〇c/n X. Application for patents: & User account control methods, including: · Applying: The service has managerial authority; According to the demand; News; Program; Ability to program. The service wire type A-county order gives a credit ❹ method m special outline item 1 of the system account control of the function program to execute the operation instruction; the program according to the command, the Wei Cheng fine transmission - The execution result is sent to the application by the service program. 3. The method for avoiding user account control as described in claim 1 of the patent application, wherein the step 1 of transmitting the demand information to the service program includes: creating a named pipe for the application and the service program And ❹ transfer the demand to the bribery program through the named pipeline. 4. The method of controlling user account according to item i of the patent application scope, wherein the function program is a dynamic link library. Wei 5. The method of avoiding user account control as described in claim 1 of the scope of the patent application, wherein the operating system includes a system of eight windows. 6. A computer readable storage medium for storing a computer program for loading into a computer system and causing the computer I to perform a user account as described in claim 1 Control ^ method. Force 12