not really programming and probably butchered the execution on that cmd but this felt like the only place it would be funny to post it

  • rekabis@lemmy.ca
    41 upvotes · 2 months ago

    As a security professional… yeah, nope. Nope, nope, nope.

    Win11 has many usability issues, and Windows seems to accumulate more with every design decision, but reaming your arse open for someone else to bugger you via an exploit run under your own account is not one of them.

  • Dumhuvud@programming.dev
    34 upvotes · 2 months ago

    Oh wow, a security disaster. You know, you can temporarily escalate your privileges if you need to modify Program Files, right? It’s just one UAC prompt away.

    • sad_detective_man@leminal.space (OP)
      9 upvotes · 2 months ago

      oh god not the UAC 🤮 so I use a lot of software that needs to be able to handle files too and some that gets temperamental with things that mess with full screen. I get what UAC is for but for my daily use it’s basically a rake for me to step on

    • sad_detective_man@leminal.space (OP)
      47 upvotes · 2 months ago

      takes ownership of the C disk in windows and gives administrators full privileges for program files. by default they belong to “trustedinstaller” which bars you from using a lot of your own computer, even if you make an admin account.

          • Excrubulent@slrpnk.net
            24 upvotes · edited · 2 months ago

            The way I do it is I have a script that adds an entry in file explorer called “Take Ownership”. I don’t have to use it often but when I do it’s a life saver, and it doesn’t blanket take ownership of the whole disk.

            Obviously an elevated super user like linux has would be much more secure, but it’s windows, they’re not interested in security if it isn’t about their share price.

            • sad_detective_man@leminal.space (OP)
              10 upvotes · 2 months ago

              in retrospect that’s actually a way better method. do you use the one from Winaero? they strike me as untrustworthy but that is 100% based on vibes.

              • Excrubulent@slrpnk.net
                8 upvotes · 2 months ago

                Oof, yeah, those vibes are rancid. The website is covered in shady looking links and they want you to download an exe, which you don’t need for a simple registry edit which can be done with a text file.

                This link shows you how to make the .reg file: https://www.windowscentral.com/how-take-ownership-files-using-right-click-context-menu-windows-10

                For my money that’s way easier than doing it manually through the registry editor yourself, and you can inspect the code to see what it’s doing.

                If you want to see the manual steps to take ownership without the registry entry, it looks like this: https://www.windowscentral.com/how-take-ownership-files-and-folders-windows-10

                If that isn’t a dark pattern then I don’t know what is. They do not want you to have control over your machine, at all.

                • Blue_Morpho@lemmy.world
                  2 upvotes · edited · 2 months ago

                  Preventing users from breaking their machines unless they really work to bypass the defaults is a good thing. It’s the same path all major Linux distros have followed by doing things like disabling the root account at install. The entire ethos of distros like NixOS is to not be able to change your own OS unless you actively go out of your way.

                  The important part is that you can change it.

            • Blue_Morpho@lemmy.world
              2 upvotes · 2 months ago

              Obviously an elevated super user like linux has would be much more secure,

              NTFS access control entries are more secure than traditional Unix owners. It’s why Linux copied NTFS style ACE file permissions years ago.

        • AnyOldName3@lemmy.world
          5 upvotes · 2 months ago

          Windows permissions are more flexible than basic Unix ones. A file doesn’t just have an owner and a group, it can have individual permissions for arbitrarily many entities, so taking ownership doesn’t remove any of the permissions from anything that already had access, it just adds more. The command shown here is closest in effect to deciding you’re always going to log in as root from now on, although Windows has a way to effectively do that without modifying the ACL of every file. Either way, it’s silly, and usually people who suggest it are under the impression that XP did permissions right by not meaningfully enforcing them and not having an equivalent of a root account you can temporarily switch to, and Vista only changed things specifically to annoy people, and not to be more like Unix.

      • Honytawk@lemmy.zip
        8 upvotes · 2 months ago

        Good on you if you think you can handle the responsibility of being able to completely wreck your OS. The option exists for a reason.

        But Windows was made with the average user in mind. And they can’t be trusted with that kind of power.

        Though I do question the security issues that arise from doing this. If your account can break everything, so can every software/malware you install.

      • Agent641@lemmy.world
        5 upvotes · 2 months ago

        “Trusted installer” has such “Trust me bro” energy and I hate it. I don’t trust you one goddamned bit gimmie those files!

    • lmmarsano@lemmynsfw.com
      4 upvotes · edited · 2 months ago

      Cool way to break your computer wide open to security exploits.

      Also, an awesome image of text, so people can’t just copy & paste it, but that’s more of a hidden blessing.

  • Brkdncr@lemmy.world
    12 upvotes · 2 months ago

    I find it more funny that people including yourself don’t know if it’s correct or not.

    It’s about 6 clicks in the gui.

    • sad_detective_man@leminal.space (OP)
      2 upvotes · 2 months ago

      I’ve used that method too. switched to using cmd because the GUI has crashed before while making changes to large amounts of data. with more recent versions of windows the more unstable it seems to get.

      • Brkdncr@lemmy.world
        3 upvotes · 2 months ago

        I recently changed the acls on 20tb of documents. On 2cpu and 8gb mem serving a few hundred users.

        Seems stable enough for my needs.

        • sad_detective_man@leminal.space (OP)
          1 upvote · edited · 2 months ago

          sheesh, all in one go? I can’t get through 1 tb with it even before I start doing hairbrained shit like in my post. on a private machine, with 16gb. I assume that system is on 11?

          • Brkdncr@lemmy.world
            2 upvotes · 2 months ago

            Server 2022, but was previously server 2016 and doing the same things.

            Only time there are issues is when someone has used an app to extract files with extremely long folder names and even that hasn’t happened in years.

            Ntfs hasn’t changed a whole lot recently so I doubt there’s much difference between server 2022 and win11.

            • sad_detective_man@leminal.space (OP)
              2 upvotes · 2 months ago

              you know I got some torrent files that start to exceed the limit on filenames. I wonder if those are doing something similar. I just assumed newer versions of windows are just running shittier script shells on top of old Windows 7 architecture, but maybe that’s worth looking into

              but I would guess there are some wide differences between Server 2022 and a consumer Windows build. A lot of effort seemed to get put into transparency visual effects and window transitions. Maybe this is just my bias but I think industry applications are a little better stress tested and optimized for things like file management

  • hexagonwin@lemmy.sdf.org
    9 upvotes · 2 months ago

    at this point just login as system or trustedinstaller lol for elevated stuff i usually use 7zip as admin or system(nircmd)

    • sad_detective_man@leminal.space (OP)
      5 upvotes · 2 months ago

      You can log in as trustedinstaller???

      do you mean like accessing your files in the 7zip interface? I hadn’t thought of using that for anything besides zipping. that’s clever

      • hexagonwin@lemmy.sdf.org
        3 upvotes · 2 months ago

        idk if it’s system or trustedinstaller that i literally logged into and launched a “user session”, it’s been a while since i played around windows. but yeah it kinda works although it breaks explorer heavily (lol)

        just use a normal admin user and use nircmd to run 7zip totalcmd etc as SYSTEM

        • ITGuyLevi@programming.dev
          3 upvotes · edited · 2 months ago

          Edit: I was scrolling back up and realized I responded to the wrong person about the psexec thing. I apologize for any misunderstanding (I’m gonna leave it because it’s still kind of good info in there and I suck at typing on mobile).

          I’m not a fan of psexec anymore, in a lot of environments it’s blocked or gets picked up by overzealous AV. Might I suggest using something like NTObjectManager to just spawn a child process of TrustedInstaller?

          It works really well, I’ve never seen it flagged by AV, and it’s nice being able to remove shit that system can’t. One thing I had a hard time getting away from PSExec for was remote sessions when remote management was turned off. Thankfully you can just invoke-command to call cmd and enable WinRM remotely… Goddamn I hate Windows but love the simplicity to utilize its “under documented” features.

            • ITGuyLevi@programming.dev
              3 upvotes · 2 months ago

              Welcome to today’s 10,000 (totally not trying to be offensive, learning is great).

              TrustedInstaller is actually a service that was introduced with Windows Vista with the intention of preventing modification of system files. It typically is the “owner” of damn near everything in default Windows directories.

              A fun way I typically show off the limitations of the system account is by telling people to try to delete a protected resource, like Windows Defender’s directories. Then try it again when running with TrustedInstaller’s rights and you’ll possibly find yourself just staring at your screen thinking about how useful that could be.
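
An added example, not part of the thread or any commenter's code: a read-only PowerShell audit of the state the thread argues about. It reports directories under Program Files whose owner is not TrustedInstaller, SYSTEM or Administrators, or where any other principal holds write-type rights through an explicit ACE. The expected-owner list, the scan depth and the function name `Test-DirectoryAcl` are assumptions of this example.

```powershell
# Added example: read-only audit. It changes nothing on disk.
param(
    [string[]]$Root = @($env:ProgramFiles, ${env:ProgramFiles(x86)}),
    [int]$Depth = 1
)

# Assumption: principals treated as expected owners of installer-managed directories.
$ExpectedOwners = @(
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464', # NT SERVICE\TrustedInstaller
    'S-1-5-18',     # NT AUTHORITY\SYSTEM
    'S-1-5-32-544'  # BUILTIN\Administrators
)
# Assumption: only these may hold write-type rights (owners above plus CREATOR OWNER).
$MayWrite = $ExpectedOwners + 'S-1-3-0'

$SidType   = [System.Security.Principal.SecurityIdentifier]
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$WriteMask = $WriteMask -bor 0x10000000 -bor 0x40000000   # GENERIC_ALL, GENERIC_WRITE

function Test-DirectoryAcl {
    param([string]$Path)
    try { $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop }
    catch { return [pscustomobject]@{ Path = $Path; Finding = 'AclUnreadable'; Sid = ''; Rights = '' } }

    # Work with SIDs so the check does not depend on localized account names.
    $owner = $acl.GetOwner($SidType).Value
    if ($owner -notin $ExpectedOwners) {
        [pscustomobject]@{ Path = $Path; Finding = 'UnexpectedOwner'; Sid = $owner; Rights = '' }
    }
    # Explicit (non-inherited) ACEs only, so a grant shows up where it was set.
    foreach ($ace in $acl.GetAccessRules($true, $false, $SidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -eq 'Allow' -and
            ([int]$ace.FileSystemRights -band $WriteMask) -and
            $sid -notin $MayWrite) {
            [pscustomobject]@{ Path = $Path; Finding = 'WritableByOther'; Sid = $sid; Rights = $ace.FileSystemRights }
        }
    }
}

foreach ($r in $Root | Where-Object { $_ -and (Test-Path -LiteralPath $_) }) {
    Test-DirectoryAcl -Path $r
    Get-ChildItem -LiteralPath $r -Directory -Force -Recurse -Depth $Depth -ErrorAction SilentlyContinue |
        ForEach-Object { Test-DirectoryAcl -Path $_.FullName }
}
```

The script emits one object per finding, so the output can be piped to `Format-Table` or `Export-Csv`; an empty result means nothing under the scanned roots deviates from the assumed baseline.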