Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Learn More

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

What are the security risks of lauching -no-deelevate option as suggested in this Article (link)

  • 1 antwoord
  • 1 heeft dit probleem
  • 9 weergaven
  • Laatste antwoord van cor-el

ccrc28
ccrc28
more options

About this article: https://support.mozilla.org/en-US/kb/windows-administrator-launcher-process-error-fix#w_how-to-verify-the-problem

In order to solve the drag and drop issue under win7, article above suggests "Start Firefox Using the -no-deelevate command" but doesn't clarify what would be the risks on doing it.

I mean, the security risk is only mentioned in the next suggestion "partial workaround", saying it would be rather than lower security by using -no-deelevate instead, but also gives no information about what risks would be.

So I would like to know:

1) If I decide to use -no-deelevate option, what sort of risks I'm taking?

2) To a no fool internet user, is it worthy to take?

This is relevant for me cuz re-enable UAC makes user have to confirm dialog box to everything at all in Windows despite logged as full right administrator.

Nor less annoying are the other option "copy and paste" "save as", putting me under ridiculous situation of needy to use Opera browser only to be able of drag IMDB links and images into a folder, then backing to Firefox for everything else.

You can drag an image even to a folder in an USB external drive (OMG-WTF)

Thanks you all.

About this article: [http://example.com https://support.mozilla.org/en-US/kb/windows-administrator-launcher-process-error-fix#w_how-to-verify-the-problem ] In order to solve the drag and drop issue under win7, article above suggests "Start Firefox Using the -no-deelevate command" but doesn't clarify what would be the risks on doing it. I mean, the security risk is only mentioned in the next suggestion "partial workaround", saying it would be rather than lower security by using -no-deelevate instead, but also gives no information about what risks would be. So I would like to know: '''1) If I decide to use -no-deelevate option, what sort of risks I'm taking? ''' '''2) To a no fool internet user, is it worthy to take? ''' This is relevant for me cuz re-enable UAC makes user have to confirm dialog box to everything at all in Windows despite logged as full right administrator. Nor less annoying are the other option "copy and paste" "save as", putting me under ridiculous situation of needy to use Opera browser only to be able of drag IMDB links and images into a folder, then backing to Firefox for everything else. You can drag an image even to a folder in an USB external drive (OMG-WTF) Thanks you all.

Bewerkt door ccrc28 op

Alle antwoorden (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

So you think that disabling UAC is a lower risk than running Firefox with lower integrity by using -no-deelevate and the former is acceptable (i.e. you do not worry), but you worry about Firefox?

It is up to you to decide how much effort is acceptable for your security, we can't advise you in this matter apart from suggesting to enable UAC or accept its limitations.

On Windows it is already easier to bypass security and you only need to confirm a UAC alert. If you disable UAC then not much security safety is left. On a platform like Linux you need to enter the administrator (root) password each time you need write permission for saving a file to a restricted location. Adequate security comes with a cost and you need to accept extra effort or else this has not much meaning if you bypass these measures.