Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Application runs as administrator from installer #4759

Open
ygoe opened this issue Apr 11, 2023 · 4 comments
Open

Application runs as administrator from installer #4759

ygoe opened this issue Apr 11, 2023 · 4 comments
Labels
bug Something isn't working
Milestone
3.5.0

Comments

@ygoe
Copy link

ygoe commented Apr 11, 2023

Details

A common issue, sadly. When the application is installed using the provided installer (thanks for bringing it back!), it runs with the same administrator privileges as the installer. This is undesired. And it prevents drag&drop operations, like dragging a database file into the window (along with other interactions subject to security isolation). The application has to be restarted regularly through the start menu to make it work again.

Steps to reproduce

  1. Install
  2. Leave the option "run now" active
  3. Drag a file from Windows Explorer onto the main window's database list

Operating system

Windows 10

SQLiteStudio version

3.4.4
@pawelsalawa
Copy link
Owner

Yes. This is just how the installer works. I'm not aware of a solution for this at the moment, but I will keep this for next major version. Maybe I will figure something out.

@pawelsalawa pawelsalawa added the bug Something isn't working label Apr 11, 2023
@pawelsalawa pawelsalawa added this to the 3.5.0 milestone Apr 11, 2023
@ygoe
Copy link
Author

ygoe commented Apr 11, 2023

IIRC, Inno Setup solved it like this long ago: Before the process elevates, it keeps the unelevated process for later. When the elevated installer process is done, it tells the unelevated process to run the application from its context. Once a process has been elevated, there is no way to undo that. And running as a specific user only works when providing their credentials, which are not available here. So keeping the unelevated process is probably the only solution. It has to be supported by the setup tool, there's probably not much you can do about it as the user, other than bugging them to get their stuff right. 😁

Some might classify this as a security-related issue because it wasn't intended to run the actual application with administrator privileges and it's not obvious that it happened.

@ygoe
Copy link
Author

ygoe commented Apr 16, 2023

If the installer system doesn't support this, then it may be an option to install the application entirely in the user directory (%LocalAppData% instead of %ProgramFiles%). That would remove the need to elevate the installer and also get rid of the yellow warning as the installer is not signed. If a multi-mode installer cannot (easily) be created, a separate installer package might be an alternative.

@pawelsalawa
Copy link
Owner

I will review possibilities of how to handle it when I get to work on this issue. It's planned for 3.5.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
3.5.0
Development

No branches or pull requests
2 participants
@pawelsalawa @ygoe