andrew_nz

Dude you are being embarrassing, you wouldn't do this in person. You've talked yourself into a corner and this isn't going anywhere, of course an app that can delete things as an admin can be used "maliciously"/"weaponized' as recognized by two others in this thread. The question is simply is skipping UAC by default a smart idea? Is allowing it to be set across multiple users a good idea? Goodbye.

The question is simply is the current system good enough in regards to disabling UAC skip? UAC skip is allowed by default but you can turn it off. If a portable version is set to skip UAC it's set that way for every user, but you could put it in a folder standard users have no access too. Is that good enough? Maybe. I wouldn't have the option personally.

You could stop certain software and cripple/crash a computer by deleting protected files. I think I said that in one of my first posts.

There are lots of situations where employees, the public, contractors, guests would have access to a computer but you may not "trust" them. What a silly thing to say. Who should you trust absolutely? Do you do give everyone a polygraph before they touch the computer? And of course giving a standard user (remotely or in person) the ability to delete anything can be used "maliciously"/"weaponized". Nergal and Andavari admitted that much.

I just tested it. I have a portable build in C:\OtherApplications (this is where I put anything portable , nice for avoiding "bundled" applications and unnecessary services, start ups , also the PortableApps.com platform is just a handy way to get apps) , if I check "skip UAC" and log out and log in as a normal user it is launched with admin rights without a prompt. Also installed CCleaner on a normal user, switching to admin for the install, by default the next time I open it as a normal user it has admin rights with no prompt That's encouraging some safeguards are in place. It would be interesting to know if it's even been used in an attack, or maliciously.

Dude you mucked up then back tracked, you said UAC was an optional thing and had no real effects, it wasn't even a real permission. Now you admit it does give write permissions to certain folders. UAC prompts and admin prompts are the same thing (User Account Control) it's the same code and system. Like I said (verbatim) an admin can easily install and forget to untick the UAC skip option.

Please read about what folders a non admin user can write to, modify and delete from. They are all UAC checks if you have an admin account. You may have limited UAC prompts set for your user (in Control Panel > Users), that's just to make things more user friendly, Windows is bypassing UAC prompts it feels an admin is doing intentionally on that setting. If you have UAC prompts on full and more importantly if your not an admin user you can not write in C:\Windows, C:\Program Files etc. That is a fact, try it. That's why installers require a UAC/admin prompt as they install even if they don't when you initially launch them.

Your probably getting confused because you are on a system as an admin with limited UAC prompts (set in control panel.) If you were on a computer as a non admin or with full UAC prompts you may understand better. If you are a non admin user or you have UAC prompts on full, and you don't OK a UAC prompt or have a task that bypasses the UAC prompt you can not modify, add to or delete files in certain folders. Windows, Program Files etc. That is a fact, try it. That's why installers require a UAC/admin prompt as they install even if they don't when you initially launch them. You may have limited UAC prompts by default as an admin user but that's not how a non admin account acts, it's bypassing UAC prompts it feels the admin is doing intentionally (with that setting), if you have UAC prompts on full and more importantly if your not an admin user you can not write in C:\Windows, C:\Program Files etc.

Ok , that's encouraging that it needs to run as an admin once. Especially in regards to UAC in general and it's effectiveness in stopping malware attacks. In regards to CCleaner it could be installed by an admin and they simply forget to untick the UAC skip option. Then it could be used maliciously or irresponsibly (with the custom files and folders option.) Not only could you easily kill a Windows installation you can probably delete/stop certain Windows components and 3rd party security software as part of a wider attack. I think having a "skip UAC" option in a program that allows a user to delete anything they want is irresponsible. It takes less than two seconds to ok a UAC prompt.

You could easily create a custom rule and cripple someone's computer from a portable build of CCleaner, without admin rights.

I just created a folder called C:\Windows\testfolder and put a file in it, modifying or deleting that file brings up UAC prompts. This means unless you have admin rights and are intentionally deleting it, you can't. Yet I can can create a custom rule in CCleaner and delete it without any UAC prompts. I don't understand this, are all UAC security measures totally optional? Any piece of software or malware can choose to ignore them?

So if it had to delete from a protected directory it would get a UAC prompt then? Or just not be able to delete from it? Edit: It can delete from protected directories with UAC skipped on, so UAC is useless to stop that kind of thing? Or there not protected directories?

Under Options > Advanced there's an option that says "Skip user account control warning". This means that even from a portable build you can delete files in the C:\Windows directory (and other important directories) without having to press OK on a UAC pop up. How is this possible? Isn't UAC meant to prevent that? Isn't that a fundamental part of what makes new versions of Windows more secure than old versions? If no UAC is required does that mean a non admin user is able to delete stuff from those protected directories using CCleaner?