User Account Control (UAC) is a security feature included in [[Windows Vista]] and later versions. It restricts applications that do not strictly require administrator rights to standard user privileges unless they are explicitly granted administrator privileges.

== Functionality ==
On tasks that require administrative privileges, the system initializes <code>consent.exe</code> (which shows the UAC prompt) under the SYSTEM account, together with an application called <code>SSSecure_UAC_Background</code> (which covers the desktop with a dark overlay, officially referred to as the '''secure desktop'''). The consent prompt shown by UAC then provides essential information about the identity of the program, along with a notice at the top that signifies how trustworthy the program is:
* Blue (white in [[Windows 11]]) - signed program
* Yellow - unsigned application
* Red - administrator-blocked or certificate-revoked executable (this usually happens when the code signature becomes invalid because [[Windows 10 build 14965.1001]] or a later build has expired).
Additionally, it can also display a password prompt if the current user does not hold administrator privileges, requiring an administrator to enter their credentials in order to continue. This process of authorizing a program to run with administrator privileges is called '''elevation'''.

The early implementation of UAC (called '''UAP''' - '''User Account Protection''') used a different keyword for the administrator privilege request. Unlike the modern implementation, which uses the keyword <code>asInvoker</code>, the early implementations used <code>requireAdministrator</code> instead. As a result, modern programs cannot run on builds that use this implementation, as they will produce a run-time error. It is possible to modify a program's manifest to use the older keyword to trigger the UAP prompt, which in turn allows the program to run correctly. However, programs that perform an integrity verification (such as setups) will not run, because the program's checksum no longer matches the checksum it is verified against.

Elevated processes are then isolated from non-elevated processes by running at a higher integrity level, which prevents most interactions initiated by lower-level processes in order to avoid privilege escalation attacks.

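The isolation described above, as an added example that is not part of the original page: a small Python model of the mandatory integrity check and of User Interface Privilege Isolation, using constructed mandatory-label SIDs (<code>S-1-16-8192</code> for a non-elevated Medium process, <code>S-1-16-12288</code> for an elevated High process). The default label policies (<code>NO_WRITE_UP</code> for most objects, plus <code>NO_READ_UP</code> for process objects) are assumptions of this model, not taken from the page.

```python
import re

# Named integrity levels: the RID of a mandatory-label SID S-1-16-<RID>.
INTEGRITY_RIDS = {
    0: "Untrusted", 4096: "Low", 8192: "Medium", 8448: "Medium Plus",
    12288: "High", 16384: "System", 20480: "Protected Process",
}

# SYSTEM_MANDATORY_LABEL_* policy flags carried by an object's integrity label.
NO_WRITE_UP, NO_READ_UP, NO_EXECUTE_UP = 0x1, 0x2, 0x4
# Assumed defaults for this model: most objects only forbid write-up; process
# objects also forbid read-up, so an elevated process's memory stays private.
DEFAULT_POLICY = NO_WRITE_UP
PROCESS_POLICY = NO_WRITE_UP | NO_READ_UP

_LABEL_SID = re.compile(r"^S-1-16-(\d+)$")


def parse_integrity_sid(sid):
    """Return (rid, level name) for a mandatory-label SID such as 'S-1-16-12288'."""
    m = _LABEL_SID.match(sid)
    if not m:
        raise ValueError(f"not a mandatory-label SID: {sid}")
    rid = int(m.group(1))
    # Unnamed RIDs fall back to the nearest named level below them.
    named = max(r for r in INTEGRITY_RIDS if r <= rid)
    return rid, INTEGRITY_RIDS[named]


def mic_allows(subject_sid, object_sid, access, policy=DEFAULT_POLICY):
    """Mandatory integrity check: may a subject at subject_sid get `access`
    ('read', 'write' or 'execute') to an object labelled object_sid?
    The discretionary ACL is evaluated separately and may still deny."""
    subject, _ = parse_integrity_sid(subject_sid)
    target, _ = parse_integrity_sid(object_sid)
    if subject >= target:
        return True  # equal or higher integrity: the label imposes no restriction
    blocked_by = {"read": NO_READ_UP, "write": NO_WRITE_UP, "execute": NO_EXECUTE_UP}
    return not (policy & blocked_by[access])


def uipi_allows_message(sender_sid, receiver_sid):
    """User Interface Privilege Isolation: most window messages only flow to
    windows of equal or lower integrity, so a Medium process cannot drive an elevated UI."""
    return parse_integrity_sid(sender_sid)[0] >= parse_integrity_sid(receiver_sid)[0]


if __name__ == "__main__":
    medium, high = "S-1-16-8192", "S-1-16-12288"  # non-elevated vs. elevated process
    print("Medium writes High process:", mic_allows(medium, high, "write", PROCESS_POLICY))
    print("Medium reads High process: ", mic_allows(medium, high, "read", PROCESS_POLICY))
    print("High writes Medium process:", mic_allows(high, medium, "write", PROCESS_POLICY))
    print("Medium messages High window:", uipi_allows_message(medium, high))
```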
== History ==