Windows 7, First Impressions

This is a discussion on Windows 7, First Impressions within the General Discussions forums, part of the Community Boards category; O_o I only skimmed the various articles you've linked so you must forgive me, or not I don't really care, ...

  1. #16
    Master Apprentice phantomotap's Avatar
    Join Date
    Jan 2008
    Posts
    4,415
    O_o

    I only skimmed the various articles you've linked so you must forgive me, or not I don't really care, for asking for some direction/clarification.

    Am I right in my thinking that this "UAC" "exploit" only works for a user logged in to an account with administrator privileges?

    UAC is basically the same as sudo on UNIX.
    Well, with `sudo' the administrators have finer control over who can do what. (Or can you really use "UAC" to give specific non-privileged users "Program Files" installation rights but not other users?)

    Soma

  2. #17
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,581
    Quote Originally Posted by phantomotap View Post
    Am I right in my thinking that this "UAC" "exploit" only works for a user logged in to an account with administrator privileges?
    Yes. Because Run32DLL.exe is part of the trusted group of applications (several file extensions that ship with windows, are digitally signed Microsoft Publisher, and belong to an internal list of Ok applications) it is silently elevated. However under a standard account, there's no silent elevation of anything and run32dll.exe fires a UAC prompt along with an admin password request, ala sudo.

    Some detractors complain, but we need admin rights because certain applications don't run without admin rights. They tend to not understand that is exactly what UAC is for. To allow them to use a standard account and still use these applications, ala sudo. UAC is an effort to have us switch our minds into starting to use windows from a standard unprivileged account. Forever putting admin accounts to rest for daily normal usage.

    In any case run32dll is indeed a special case. And later Microsoft did remove it's auto-elevated privilege. So now, the exploit does't work anymore under an admin account. Well, it works, if you say yes to the UAC prompt you are seeing in front of you asking if you really want for Run32DLL.exe to execute that strange looking DLL from a temporary folder named rtxyhhxsrdt.

    Well, with `sudo' the administrators have finer control over who can do what. (Or can you really use "UAC" to give specific non-privileged users "Program Files" installation rights but not other users?)
    Good point. Admin in windows is indeed more restrictive than root under Linux. The only account that really has full control is SYSTEM. As my UAC misinformed complain on the very first post of this thread clearly demonstrated, a full admin still doesn't have full control over the system.

    So there's quite a bit of adapting to the new rules and new ways of doing things. From my first experiments during the past hours, this is a lot more transparent for standard unknowledgeable users running off a standard account. They will be doing things as they usually did with just the "annoying popups" showing up once and awhile. For power users running under a standard account or under an Admin account there's more adapting and some frustrating moments until the concept is fully realized. Definitely, if like me, they come from Windows XP.

    However to answer your question directly, yes. An administrator can change user account rights through the Local Security Policies administrative tool. And because of UAC you don't need to login as an administrator. You just insert an administrator password when you fire it from a standard account. Familiar?
    Last edited by Mario F.; 08-11-2009 at 07:58 AM.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Page 2 of 2 FirstFirst 12
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Windows 98/2000 programming in Windows XP
    By Bill83 in forum Windows Programming
    Replies: 3
    Last Post: 07-22-2005, 03:16 PM
  2. Dialog Box Problems
    By Morgul in forum Windows Programming
    Replies: 21
    Last Post: 05-31-2005, 06:48 PM
  3. dual boot Win XP, win 2000
    By Micko in forum Tech Board
    Replies: 6
    Last Post: 05-30-2005, 03:55 PM
  4. SDL and Windows
    By nickname_changed in forum Windows Programming
    Replies: 14
    Last Post: 10-24-2003, 01:19 AM
  5. IE 6 status bar
    By DavidP in forum Tech Board
    Replies: 15
    Last Post: 10-23-2002, 06:31 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21