Some modern operating systems attempt to prevent unauthorized applications or programs from running on computing systems by limiting the privilege levels granted to such applications or programs. For example, an operating system may assign reduced or “standard” privileges to an application until a user with full or “administrative” privileges explicitly grants higher privileges to the application. In theory, since an administrator should only grant full or administrative privileges to trusted applications, malware should be kept from receiving the privileges necessary to access or compromise protected computing resources.
For example, an operating system may require that an administrator or user of a computing system approve any attempt to install application software on the computing system. However, because some operating systems prevent privileges for a process from being changed once the process has started, an executable wrapper may be used to launch the process with privileges to begin with. For example, an executable wrapper for an application may be used to prompt the administrator or user of the computing system for permission to temporarily elevate privileges for the application so that the application may be properly installed.
Some applications require access to protected computing resources (and thus require elevated privileges) even after they have been successfully installed. For example, an application installed in a WINDOWS environment may require access to protected computing resources (such as protected web-server information) in order to be modified or updated via the “Programs and Features” control panel applet. Unfortunately, unless an executable wrapper is used to modify or update applications installed in such an environment, elevated privileges for the application may not be requested or obtained, such that modification or update of the application may fail. Use of such an executable wrapper is not, however, always possible, practical, or desirable. In such cases, an alternative method may be required to launch the same process with elevated privileges.