Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Is there a way to remember a trusted program ...

microsoft.public.windows.vista.administration accounts passwords






Speedup My PC
Reply
  #1 (permalink)  
Old 06-26-2007
Rej
 

Posts: n/a
Is there a way to remember a trusted program ...
Is there a way to have UAC remember a program I trust so that it won't popup
the UAC consent window everytime I start it?

I'm trying to load on startup 'Process Explorer' but I can since it requires
permission.

If the procedure to have a program load on startup is different than not
having the UAC window popup, I'd like to know for the popup as well since
there are other software that I would allow without question (unless they
change of course).

Thx in advance
--
Rej
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 06-26-2007
Rej
 

Posts: n/a
RE: Is there a way to remember a trusted program ...
Found out you can't do it.. sorry for the bother.

P.S. hope they add a feature that would allow us to remember trusted
programs until they get changed or modified.. pretty much every firewalls I
know have this feature. SP1 anyone?

--
Rej


"Rej" wrote:

> Is there a way to have UAC remember a program I trust so that it won't popup
> the UAC consent window everytime I start it?
>
> I'm trying to load on startup 'Process Explorer' but I can since it requires
> permission.
>
> If the procedure to have a program load on startup is different than not
> having the UAC window popup, I'd like to know for the popup as well since
> there are other software that I would allow without question (unless they
> change of course).
>
> Thx in advance
> --
> Rej

Reply With Quote
  #3 (permalink)  
Old 06-26-2007
Ronnie Vernon MVP
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
Rej

If this were possible, it would make UAC useless. This would open a
vulnerability path that could be used to compromise the system since any
malicious program would be able to piggyback on the program that is
automatically granted system wide privileges.

--

Ronnie Vernon
Microsoft MVP
Windows Shell/User


"Rej" <Rej@discussions.microsoft.com> wrote in message
news:05BFEE09-7C1F-484F-BA2B-B49D0EA8F798@microsoft.com...
> Is there a way to have UAC remember a program I trust so that it won't
> popup
> the UAC consent window everytime I start it?
>
> I'm trying to load on startup 'Process Explorer' but I can since it
> requires
> permission.
>
> If the procedure to have a program load on startup is different than not
> having the UAC window popup, I'd like to know for the popup as well since
> there are other software that I would allow without question (unless they
> change of course).
>
> Thx in advance
> --
> Rej


Reply With Quote
  #4 (permalink)  
Old 06-26-2007
cquirke (MVP Windows shell/user)
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
[QRtSH]

> Re: Is there a way to remember a trusted program ...

....without malware being able to set itself as "trusted"?

Be careful what you wish for...



>------------------------------------ ---- --- -- - - - -

"For every complex question, there's a simple
answer - and it's wrong." H.L. Mencken
>------------------------------------ ---- --- -- - - - -

Reply With Quote
  #5 (permalink)  
Old 06-27-2007
Jimmy Brush
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
Rej wrote:
> Found out you can't do it.. sorry for the bother.
>
> P.S. hope they add a feature that would allow us to remember trusted
> programs until they get changed or modified.. pretty much every firewalls I
> know have this feature. SP1 anyone?
>


This will not happen.

UAC is not a firewall.

The prompt is not just asking if you trust the program, but if you are
the one running it.

If it did not prompt, then any program could launch the trusted program
and use it against you.

For example, if you trusted a program that wiped all of the data from
your computer to not prompt, then any program, even programs that you do
not start or do not prompt, could launch that program and wipe data off
of your computer.


--
-JB
Microsoft MVP - Windows Shell/User
Windows Vista Support FAQ - http://www.jimmah.com/vista/
Reply With Quote
  #6 (permalink)  
Old 06-27-2007
Rej
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
Ron,

Well, if I understand how Comodo Firewall Pro works, any program that tried
to access the internet had to do so *exactly* as it was at the time you
allowed it and asked to remember it.

So, if someone injects code into its memory space, Comodo will detect that
and stop the access and re-ask you for the access.. explaining why too. This
happens also for tons of reasons..
- Different parent (caller of application.. if it's not me, then it would
let me know),
- dll was hooked to app, it will detect that as well and ask
- etc etc.

To me, those seem to be the necessary security features that UAC could use
as well (with preferred/trusted app if that was included). This way, *noone
else* could start an app.. (different parent). If the app gets modified *in
any way*, it'd get blocked as well... etc

Thinking on this while I'm writing this, what if an app gets changed by a
virus while I'm using XP and then when I'm back to Vista, using the same app,
AND being the original user that ask it to start, I'd get the same UAC popup
and I'd tend to say -- ok continue -- without thinking twice about it... but
with the Comodo way, it would *know* that the program was modified in some
way and would tell me so.

Somethings to think about

REgards...
--
Rej


"Ronnie Vernon MVP" wrote:

> Rej
>
> If this were possible, it would make UAC useless. This would open a
> vulnerability path that could be used to compromise the system since any
> malicious program would be able to piggyback on the program that is
> automatically granted system wide privileges.
>
> --
>
> Ronnie Vernon
> Microsoft MVP
> Windows Shell/User
>
>
> "Rej" <Rej@discussions.microsoft.com> wrote in message
> news:05BFEE09-7C1F-484F-BA2B-B49D0EA8F798@microsoft.com...
> > Is there a way to have UAC remember a program I trust so that it won't
> > popup
> > the UAC consent window everytime I start it?
> >
> > I'm trying to load on startup 'Process Explorer' but I can since it
> > requires
> > permission.
> >
> > If the procedure to have a program load on startup is different than not
> > having the UAC window popup, I'd like to know for the popup as well since
> > there are other software that I would allow without question (unless they
> > change of course).
> >
> > Thx in advance
> > --
> > Rej

>

Reply With Quote
  #7 (permalink)  
Old 06-27-2007
Rej
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
Jimmy,

I hear ya on this, but check my answer to Ron below for my arguments.

Regards...
--
Rej


"Jimmy Brush" wrote:

> Rej wrote:
> > Found out you can't do it.. sorry for the bother.
> >
> > P.S. hope they add a feature that would allow us to remember trusted
> > programs until they get changed or modified.. pretty much every firewalls I
> > know have this feature. SP1 anyone?
> >

>
> This will not happen.
>
> UAC is not a firewall.
>
> The prompt is not just asking if you trust the program, but if you are
> the one running it.
>
> If it did not prompt, then any program could launch the trusted program
> and use it against you.
>
> For example, if you trusted a program that wiped all of the data from
> your computer to not prompt, then any program, even programs that you do
> not start or do not prompt, could launch that program and wipe data off
> of your computer.
>
>
> --
> -JB
> Microsoft MVP - Windows Shell/User
> Windows Vista Support FAQ - http://www.jimmah.com/vista/
>

Reply With Quote
  #8 (permalink)  
Old 06-27-2007
Rej
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
c,

Aye, I hear you there .. there have been occasions in my life where I got
what I wished for and it didn't always turn out the way I anticipated

But what I'm hoping for is simply an easier way to manage the security (for
the users). I see tons of messages on the forums about how people are tired
to always have to click on the 'continue' button. To me, this is an
indication that perhaps ways should be found to alleviate the repeatedness
(spelling? -- french Canadadian here of the process.

See my post to Ron about what I said about how Comodo manages it's
protection. Although it's a firewall, they did implement some very solid
security features.

Btw, I don't work or am I in any way affiliated to them.. I was just
impressed with their implementations and thought I'd share it since it
*might* reflect hte subject matter.

Regards....

--
Rej


"cquirke (MVP Windows shell/user)" wrote:

> [QRtSH]
>
> > Re: Is there a way to remember a trusted program ...

> ....without malware being able to set itself as "trusted"?
>
> Be careful what you wish for...
>
>
>
> >------------------------------------ ---- --- -- - - - -

> "For every complex question, there's a simple
> answer - and it's wrong." H.L. Mencken
> >------------------------------------ ---- --- -- - - - -

>

Reply With Quote
  #9 (permalink)  
Old 06-27-2007
Rej
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
Ron,

Forgot to mention that the 'same app' used on both Xp and Vista is currently
Process Explorer and AutoRuns from SysInternals. Since they don't have
installers, I use the same .exes for both operating systems.

--
Rej


"Rej" wrote:

> Ron,
>
> Well, if I understand how Comodo Firewall Pro works, any program that tried
> to access the internet had to do so *exactly* as it was at the time you
> allowed it and asked to remember it.
>
> So, if someone injects code into its memory space, Comodo will detect that
> and stop the access and re-ask you for the access.. explaining why too. This
> happens also for tons of reasons..
> - Different parent (caller of application.. if it's not me, then it would
> let me know),
> - dll was hooked to app, it will detect that as well and ask
> - etc etc.
>
> To me, those seem to be the necessary security features that UAC could use
> as well (with preferred/trusted app if that was included). This way, *noone
> else* could start an app.. (different parent). If the app gets modified *in
> any way*, it'd get blocked as well... etc
>
> Thinking on this while I'm writing this, what if an app gets changed by a
> virus while I'm using XP and then when I'm back to Vista, using the same app,
> AND being the original user that ask it to start, I'd get the same UAC popup
> and I'd tend to say -- ok continue -- without thinking twice about it... but
> with the Comodo way, it would *know* that the program was modified in some
> way and would tell me so.
>
> Somethings to think about
>
> REgards...
> --
> Rej
>
>
> "Ronnie Vernon MVP" wrote:
>
> > Rej
> >
> > If this were possible, it would make UAC useless. This would open a
> > vulnerability path that could be used to compromise the system since any
> > malicious program would be able to piggyback on the program that is
> > automatically granted system wide privileges.
> >
> > --
> >
> > Ronnie Vernon
> > Microsoft MVP
> > Windows Shell/User
> >
> >
> > "Rej" <Rej@discussions.microsoft.com> wrote in message
> > news:05BFEE09-7C1F-484F-BA2B-B49D0EA8F798@microsoft.com...
> > > Is there a way to have UAC remember a program I trust so that it won't
> > > popup
> > > the UAC consent window everytime I start it?
> > >
> > > I'm trying to load on startup 'Process Explorer' but I can since it
> > > requires
> > > permission.
> > >
> > > If the procedure to have a program load on startup is different than not
> > > having the UAC window popup, I'd like to know for the popup as well since
> > > there are other software that I would allow without question (unless they
> > > change of course).
> > >
> > > Thx in advance
> > > --
> > > Rej

> >

Reply With Quote
  #10 (permalink)  
Old 06-28-2007
Jimmy Brush
 

Posts: n/a
Re: Is there a way to remember a trusted program ...
Rej wrote:
> Ron,
>
> Forgot to mention that the 'same app' used on both Xp and Vista is currently
> Process Explorer and AutoRuns from SysInternals. Since they don't have
> installers, I use the same .exes for both operating systems.
>


So, you're saying that UAC should remember what program launched the
admin program, and then only prompt if a different program tries to
launch the program?

That's a good idea.

Unfortunately, it 1) still doesn't ensure that *you* are the one
launching the program, it just ensures that a certain program is doing
the launching, and 2) it is not yet possible for the system to make that
assurance.

For example, let's say you launch a program from the start menu that you
want to always elevate without asking.

That's all well and good, and it seems like a reasonable tradeoff
between security and usability, but in reality it only appears so.

It is trivial to run code in the process of explorer, and really in any
process that lives in the same privilege level, and its not merely a
matter of "checksumming the file" to verify it hasn't been changed,
there are ways to get code to run inside of a process that wouldn't be
detectable using that method.

It's not just about you trusting the program, but just as much if not
more about ensuring that you are the one starting it.

I do think it is possible to do this without a prompt; however, the
problem is much more challenging than it appears at first glance .

--
-JB
Microsoft MVP - Windows Shell/User
Windows Vista Support FAQ - http://www.jimmah.com/vista/
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
mailto not trusted even when click from trusted site with IE7 & Vi Eric microsoft.public.windows.vista.mail 11 06-03-2008 19:01
Can Users Be Trusted? Steve Security News 0 05-29-2007 16:23
mailto not trusted even when click from trusted site with IE7 & Vi Eric microsoft.public.windows.vista.general 7 05-05-2007 18:27
StolenIDsearch.com: trusted or not? Paul Security News 0 03-27-2007 23:22
How to declare a program as "trusted" =?Utf-8?B?cGV0ZXJtY3dlcm5lcg==?= microsoft.public.windows.vista.administration accounts passwords 7 03-09-2007 21:35




All times are GMT +1. The time now is 05:20.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120