I'm developing a custom installer for my application, because I need to configure some peculiar settings that InnoSetup and other similar tools don't allow. The installer requires administrator privileges to perform the necessary configurations. At the end of the installation, it starts the newly installed application.
The problem is that this application is also launched with administrator privileges, inheriting the installer's permissions. This happens regardless of the method used to launch the application: CreateProcess, CreateProcessAsUser, ShellExecute, and even the obsolete WinExec.
In summary, my question is: From an application running with administrator privileges, how can I start another application with the "normal" privileges of the logged Windows user?
Raymond Chen has blog articles on this very subject:
How can I launch an unelevated process from my elevated process and vice versa?
TLDR; ask the user's Explorer instance to run the app, by using IShellDispatch2.ShellExecute().
How can I launch an unelevated process from my elevated process, redux
TLDR; ask CreateProcess() to make the user's Explorer instance be the parent of the app, by using the PROC_THREAD_ATTRIBUTE_PARENT_PROCESS attribute.