The comments in this oldnewthing article reveal a secret, even higher UAC setting: RunAsInvoker https://t.co/tTajZx6FlR
— Vincent Povirk (@madewokherd) August 18, 2016
RunAsInvoker is a secret,
even lower UAC setting.
RunAsInvoker does is to ignore any elevation
request in the application's manifest and treat the manifest
as if it had said
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
which is the default behavior. The program simply runs with the same privileges as the code that launched it. There is no attempt to elevate.
This means that if you run the program from an elevated command prompt, then the program stays elevated. If you run the program from a non-elevated command prompt, then the program stays non-elevated.
Make sure RegEdit is not already running, then
open a non-elevated command prompt and set
and then run
regedit from that command prompt.
The resulting copy of RegEdit
is running without administrator
You can see this by trying to edit something in HKLM.
While it's true that
RunAsInvoker suppresses UAC prompts,
that's true because
RunAsInvoker doesn't perform any elevation.
If you aren't performing any elevation,
then naturally you don't need an elevation prompt.
If the resulting process is elevated,
then it means that the calling process was already elevated.
You were already on the other side of the airtight hatchway.