Bug Id:
Reporter: Pvt_Ryan
Product/Version: Crimson Editor / Version 3.72 Beta 241
Status: Reopened
Severity: Minor
Duplicate Of: - none -
Summary: CE asking for highest privilege is a security issue
Report Time: February 23, 2008 03:54:38 PM
Assignment: - none -
Resolution: Open
Priority: Normal
Dependencies: - none -


Attachments
UAC.patch: UAC fix
UAC-updated.patch: UAC fix 2 (apply previous first)
Votes
For: 0 (0%)
Against: 0 (0%)
Total: 0

February 23, 2008 03:54:38 PM Pvt_Ryan
When UAC is enabled CE cannot write registry values for the context menu.

March 8, 2008 10:50:34 AM Pvt_Ryan
Right-clicking CE or its shortcut and choosing "Run as administrator" will allow you to add to the context menu.

March 9, 2008 12:56:12 PM Pvt_Ryan
Attached patch allows CE to request the Highest Available permissions for the user. Admin users will see a prompt to run CE; standard users will not get prompted.

April 25, 2009 04:39:18 PM Ankit Singla
I don't think this is the right way to solve this. I'm okay with having it as a workaround, but there must be a way to only ask for elevation for a specific portion of the code. If there REALLY isn't, I'd rather put a string on that page of the options that tells the user they need administrator privileges to change those options (actually I'd almost want that regardless). Reason being, people don't try to add CE to the context menu on every run, and I'd really rather not have our software running as highest privileged when it doesn't need to. This seems like a gaping security hole to me...

April 25, 2009 04:41:16 PM Ankit Singla
Re-triaging
Status -> Reopened
Resolution -> Open
Summary changed

April 25, 2009 05:09:50 PM Ankit Singla
Aha. So seemingly this should be doable: http://msdn.microsoft.com/en-us/library/bb756922.aspx
That's not an amazing page though. I'll look around MSDN and see if I can find something that lays it out a bit better.

April 25, 2009 05:46:49 PM Ankit Singla
Oh. Looks like I lied: "A mixed application does not have the ability to obtain additional administrative privileges once launched; therefore, it does not provide the flexibility of the elevated process or COM object method described previously. This is most useful for applications that require an access token above that of a standard user, but less than that of a full administrator."

In this case, I'll write up a patch that adds the text "User requires administrator privileges to edit this setting", assuming someone else doesn't get to it first. I would like to remove the run as highest behavior too, but I'll wait until I get confirmation that this is what we want to do.
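
The MSDN passage quoted above contrasts the manifest approach with the "elevated process" method. A sketch of that method follows, as an added example that is not taken from the Crimson Editor source or the attached patches: the editor keeps its normal token and starts a short-lived elevated copy of itself only when the context-menu option is toggled. The function names and the `/ctxmenu:` switches are hypothetical.

```cpp
// Added example (not project code). Assumes the application manifest requests
// asInvoker, so the editor normally runs with the user's standard token.
#include <string>
#ifdef _WIN32
#include <windows.h>
#include <shellapi.h>
#endif

// Command line handed to the elevated instance. The switch names are
// hypothetical; the elevated instance would perform only the registry
// change they describe and then exit.
std::wstring HelperArgs(bool enable) {
    return enable ? L"/ctxmenu:add" : L"/ctxmenu:remove";
}

#ifdef _WIN32
// Start this executable elevated for the single registry change, wait for it,
// and return its exit code (-1 if it could not be started or the user declined).
int RunElevatedOnce(bool enable) {
    wchar_t exe[MAX_PATH];
    DWORD n = GetModuleFileNameW(nullptr, exe, MAX_PATH);
    if (n == 0 || n == MAX_PATH) return -1;      // failed or path truncated

    std::wstring args = HelperArgs(enable);
    SHELLEXECUTEINFOW sei = {};
    sei.cbSize = sizeof(sei);
    sei.fMask = SEE_MASK_NOCLOSEPROCESS;         // keep a handle to wait on
    sei.lpVerb = L"runas";                       // shows the UAC consent prompt
    sei.lpFile = exe;
    sei.lpParameters = args.c_str();
    sei.nShow = SW_HIDE;

    // Fails with ERROR_CANCELLED when the user dismisses the prompt.
    if (!ShellExecuteExW(&sei) || !sei.hProcess) return -1;

    WaitForSingleObject(sei.hProcess, INFINITE);
    DWORD code = 1;
    GetExitCodeProcess(sei.hProcess, &code);
    CloseHandle(sei.hProcess);
    return static_cast<int>(code);
}
#endif
```

With this shape, only the instance started with the `runas` verb holds an administrator token, and only for the duration of the registry write.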

June 6, 2009 11:29:59 PM Pvt_Ryan
A possible solution to this is to put the option of adding to the context menu in the installer and remove it from CE. Downside is that this cannot be undone except via a reinstall (installer could maybe be modified to add a "modify" option, in order to counter this).

This way the user will only need to elevate permissions once. Another "problem" this creates is that portable versions would not have this ability, though in a way it does make sense that they shouldn't anyway.