[Solved] Portablizer and administrative privileges

A problem using LiberKey ?
6 messages • Page 1 sur 1

[Solved] Portablizer and administrative privileges

Messagede spotting » 22 Novembre 2009, 22:27

Hi,

I have 3 Problems using Liberkey.

The First one is a problem with ASuite and SuRun - It is not very important and i don't Think that Liberkey is able to solve it.

(SURun is an UAC enhancement which brings white-list feature for "Run as Admin" to Windows)

Every-time starting a program with ASuite which is part of SuRuns white list - i receive an an error
Image
In This picture i've used CCleaner.exe inside of the Whitelist and i-'ve startet CCLeaner.exe inside of Asuite)



The second Problem is a little bit more important.

Using a software inside Liberkey which need administrative privileges gives these privileges to Liberkeyportablizer.exe
Starting any kind of a second software ... as long as Liberkeyportablizer has not quit - the next program has admin rights too. ... without asking me.

An Example?
You start working with MobaLiveCD ... as long as MobaLiveCD is used - and you start QDir (using QDirLKL.EXE) - you have admin privileges in QDir. When you quit MobaLiveCD - QDir hast still admin privileges.

You can solve this problem if every Program would get an "own" portablizer instance.

In my opinion this is a big security thread which should be solved as soon as possible.


The last problem is a problem with SuRun and your portablizer.
If the CCleanerLKL.exe is part of the Whitelist in SuRun the portablizer crashes when i open this program. But CCleaner works fine.

Image
(picture taken with liberkey 4.5 ... this also happens with 4.6)

Best Regards

spotting

Edit - changed CCleaner with MobaLiveCD
Dernière édition par spotting le 08 Février 2010, 00:07, édité 1 fois.
spotting
Fresh Boarder
Fresh Boarder
 
Messages: 20
Inscription: 15 Novembre 2009, 20:20

Re: Problem with Portablizer and administrative privileges

Messagede spotting » 24 Novembre 2009, 01:14

UPDATE

for the first problem i've described there are good news. liberkey is not involved ... this is a windows / Surun - problem.

The third problem depends directly to the first one.



but the second problem is still not solved.
Starting a program with administrative privileges gives these privileges to your portablizer.exe. as long as this process is open, every program which is started using this portablizer inherits theses admin privileges.
spotting
Fresh Boarder
Fresh Boarder
 
Messages: 20
Inscription: 15 Novembre 2009, 20:20

Re: Problem with Portablizer and administrative privileges

Messagede vagabond » 24 Novembre 2009, 12:39

Hello spotting,

First of all, thank you for taking the time to make a detailed analysis of the problem and explain as clearly.

It is true that if each application had its own portabilizer instance this would solve the problem simply. However, this will solicit more system resources.
In addition, centralized portabilisation can make some things easier like restoring data after a system crash, update the portabilizer while portabilized apps are running (LiberKey patches), controling the end of the user session (the portabilizer is the last who leaves to ensure the restoration of configurations), etc. ..
The underlying problem is very simple: in order to properly "portabilize" an "elevated" application, the portabilizer must be "elevated" too. Otherwise it is impossible to access some essential information on process, and most windows messages are filtered by default (from Windows Vista) preventing communication between processes.
This is not necessarily a "big" problem of security because administrative rights are only granted to administrators.
But it is true that this requires caution if LiberKey is installed on a workstation for ordinary users. In this case you should not launch application with your administrator account to avoid elevation of the portabilizer.
That said, we started to explore a way that would resolve this problem and allow us to maintain our current architecture. This is not to make an instance for each application, but to create a portabilizer assistant (a kind of bridge), much lighter, which will be dedicated to applications requiring elevation. This assistant will be elevated and will disable his messages filtering to allow the portabilizer (not elevated) to communicate with him. This will isolate processes with different rights and prevent the spread of administrative rights to the portabilizer.

This evolution is part of the "todo list" and should appear in the next releases of the portabilizer.
Avatar de l’utilisateur
vagabond
Administrator
Administrator
 
Messages: 491
Inscription: 14 Février 2007, 11:13

Re: Problem with Portablizer and administrative privileges

Messagede spotting » 21 Janvier 2010, 02:12

vagabond a écrit:Hello spotting,

First of all, thank you for taking the time to make a detailed analysis of the problem and explain as clearly.

...

This evolution is part of the "todo list" and should appear in the next releases of the portabilizer.


Well, It seems in the last 2 Month, nothing happened regarding this problem.
Is there any Update regarding this problem?

And - I've read your Answer a few times. I think we should take a look at one Szenario.

A Liberkey User starts working on his Windows. (7 or Vista)
He starts CCleaner (Portable inside of Liberkey). Windows User Account Control is asking and Portablizer earns administrative privileges
While CCleaner is working in the background, he starts for example Firefox. Portablizer gives Firefox Administrative privileges - and the User does not know.

20 Minutes Later. Firefox is still running, the user is clicking on a manipulated link. He is transmitted to an altered website. 2 seconds later his System crashes.

When he starts his System again, his Computer is part of a new Mailing Network, -> he does not see that - And every on-line banking transaction, every password, every privacy date would be seen by the hacker who manipulated the altered website.

2 Day Later your Liberkey user goes to his bank, to draw money. But there is no money.


hmmm ...


->

If you do not want to see more instances of portablizer running, then it should be a great idea to give the user a chance to accept administrative privileges for each program despite the fact that the portablizer is working with administrative privileges.

A Liberkey User starts working on his Windows. (7 or Vista)
He starts CCleaner - Portable inside of Liberkey - Portablizer earns Administrative privileges
While CCleaner is working in the background, he starts ... Firefox. Portablizer gives Firefox Administrative privileges - and the User does not know.

I'm no programmer behind Portablizer ... but i have an idea.
If you are using file manager with admin privileges - and start a program (exe - file) it inherits these administrative privileges. If you are clicking on a shortcut (INK - File) UAC is asking again.

So - If Portablizer is Running (with administrative privileges) and you want to start a new program use the shortcut. If Portablizer is not running, use the old way.
spotting
Fresh Boarder
Fresh Boarder
 
Messages: 20
Inscription: 15 Novembre 2009, 20:20

Re: Problem with Portablizer and administrative privileges

Messagede vagabond » 21 Janvier 2010, 14:36

spotting a écrit:(..) Well, It seems in the last 2 Month, nothing happened regarding this problem.
Is there any Update regarding this problem?

The version we are currently testing solves this problem. It will be published soon in a patch which will be reported and automatically installed on your LiberKey.

The solution is a little different than what I explained in my previous post. This new version can handle the simultaneous execution of portable applications with different security context, it also solves other problems that may occur with the fast user switching and execution of portable applications (it is better prevent many people use the same portable application at the same time until the LiberKey manages multiple users).

You don't need to imagine the worst (and unlikely) scenarios to convince us! Just be a little patient.
The point we are discussing is part of a wider problem which has necessitated a review of some of our architecture.
Avatar de l’utilisateur
vagabond
Administrator
Administrator
 
Messages: 491
Inscription: 14 Février 2007, 11:13

Re: Solved - Portablizer and administrative privileges

Messagede spotting » 08 Février 2010, 00:08

It seems, the new update solves the problem.

Thanks.

best regards spotting.
spotting
Fresh Boarder
Fresh Boarder
 
Messages: 20
Inscription: 15 Novembre 2009, 20:20


6 messages • Page 1 sur 1

Retourner vers Support

Qui est en ligne

Utilisateurs parcourant ce forum: Google [Bot] et 936 invités

cron