Elevate permissions on save - patched version

  • Hello,

    When you try to save a file in Notepad++ which requires administrator privileges, you get an error message instead of the familiar "elevate permissions" prompt. I submitted a patch recently which fixes this, but sadly it was rejected. I think this is a total "must have" feature (and I suspect anyone who edits system files etc with any regularity would agree!), so I've taken it upon myself to maintain a patched version of Notepad++. It is available from here:


  • bypasser


    I submitted a patch recently which fixes this, but sadly it was rejected.

    That's probably because you don't really have a pretty solution. I'd prefer to use IFileOperation with the FOFX_SHOWELEVATIONPROMPT flag, rather than using an additional executable. And copying files "byte-by-byte" is gently saying definitely not good. There are Get/SetFileAttributes and Get/SetSecurityInfo.

  • Hey now, saying my patch compares unfavorably in prettiness compared to COM - them's fightin' words.

  • bypasser

    I don't really understand your expression, but the thing is not about COM. It's about doing a privileged action without any need to elevate your process. Unfortunately, to my knowledge COM is the only official way do this.

    And even if you introduce an additional executable, then copying "byte-by-byte"… Don't you think it's a very dirty solution? In case you choose to have a separate executable for saving a file into a privileged location, a much better idea would be to create a shared section and save the file directly.

  • "Them's fighting words" is an idiom meaning that you've said something that will lead to a fight. (But it was a joke referring to the ugliness of COM - I assure you I'm quite unwilling to fight over code ;))

    Admittedly byte-by-byte copying is not good, but it's easy to fix and I've already done it, so eh. Seeing as the patch was rejected for complexity, I'm unlikely to spend time changing it to use more complex IPC.

  • bypasser


    "Them's fighting words" is an idiom meaning that you've said something that will lead to a fight.

    Oh. Thank you for the clarification.

    Seeing as the patch was rejected for complexity

    I just didn't know, why it was rejected, but I also didn't like the implementation. Anyway the feature would be definitely quite handy.


  • Anonymous

    I also would like to see this feature implemented in the official branch

  • bypasser

    The new elevated code is better, but how about elevating the existing file handle permissions? This would still require an additional executable, but resolves two other problems at once: elevation is then required only once in a session and you also can write modifications directly without creating a temporary file. I see two ways to do that, and both are IMHO not perfect: the first one involves invoking OpenProcess for the parent process (which may irritate some proactive defence systems) and the second involves creation of a communication object such as a named pipe (my personal preference is to avoid creation of globaly visible and accessible named objects). The elevation sequence for the first way should contain the following steps:

    I. From NPP:
    1) ShellExecuteEx(&sei); to start the elevated/elevating process, passing the path to the file, which should be opened for writing.
    2) WaitForSingleObject(INFINITE, sei.hProcess); to wait for the termination of the elevated process.
    II. From the elevated process
    1) Either official CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,&pe)+Process32First+Process32Next to enumerate processes and find the parent PID within the corresponding PROCESSENTRY32 structure or not quite official direct call to ZwQueryInformationProcess(GetCurrentProcess(),ProcessBasicInformation,&pbi,sizeof(pbi),NULL) to take the parent PID from PROCESS_BASIC_INFORMATION.InheritedFromUniqueProcessId .
    2) hNpp = OpenProcess (PROCESS_DUP_HANDLE, FALSE, pbi.InheritedFromUniqueProcessId);
    3) hFile = CreateFile to open the requested file for writing.
    4) DuplicateHandle(GetCurrentProcess(), hFile, hNpp, &hFile2, 0, FALSE, DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS); to create a writable handle for the NPP.
    5) CloseHandle(hNpp); always be neat :-)
    6) ExitProcess(hFile2); to pass the writable handle to the NPP.
    III. From NPP:
    1) GetExitCodeProcess(sei.hProcess,&hWritable); to obtain the elevated handle.
    2) CloseHandle(hNpp); CloseHandle(sei.hProcess); one more attempt to stay neat.
    3) Replace the original handle to the file NPP had with the handle hWritable, and save data directly.

    The second way is quite similar, but to avoid OpenProcess from the elevated process you could either pass the valid handle to NPP (obtained by invoking DuplicateHandle) to the elevated process over a pipe, or pass back to NPP the writable handle to the file over the pipe and invoke DuplicateHandle for this writable handle to make it valid in the context of NPP. In both cases OpenProcess for a different process is avoided, because NPP already has the handle to the elevated process from ShellExecuteEx.

    P.S. Written in the hope it would facilitate adding the feature into the official release. :-)

  • oh-nice

    In your version exist in 'Edit' menu the "Select all"- button twice!
    MENUITEM "Select A&ll", 42007
    MENUITEM "Select A&ll", 42007
    and in 'Edit' menu from menu "Copy to Clipboard" to "Paste Special" are the
    menu allocation shifted!?

  • It's true that Select all appears twice (whitespace error when applying a patch). Will be fixed soon.

    The edit menu also includes "Open containing folder" (https://sourceforge.net/p/notepad-plus/patches/456/).

  • oh-nice

    How to download on github, can`t find a button there ...

    Last edit: oh-nice 2013-09-30
  • After clicking on the .exe, choose "View raw".