Windows X64 driver loading and admin?

Hi,

I have UAC enabled on my X64 business edition and have used the machine for testing new drivers. The logged in console user isn’t part of the admin group and has to type the password each time a new driver is loaded.

Is there any way to disable this feature, as I think I found a bug in Windows?

d

> Is there any way to disable this feature?

Disable UAC and log on as admin.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

Thanks, I thought so.

So why as a normal user (i.e. non-admin) am I able to install, load on demand and run a new driver on my system without entering the admin password? It must be a bug; it does prompt, but I found a set of clicks that doesn’t prompt. I thought after a few builds of my test driver that it probably shouldn’t be able to load it.

Perhaps it’s because I booted with disabled signature verification?

d

Is your driver ‘test signed’ or signed with a cert that has been installed
as root & trusted Publisher along with your machine in Test Signing Mode?
In other words, have you ‘conditioned’ this machine per the KMCS
walk-through?

Well, if so, you have made the system such that it treats your driver as
signed. Installing a signed driver for a device is a permitted escalation
of privilege in the system. Otherwise, no one could ever plug in their iPod
(oops, I mean Zune) and get it to work unless they were an Admin.

And yeah, booting with signature verification might have some influence on
that too.

So how about you go and install a version of the OS clean, don’t change any
BCDEDIT settings, install any test certificates, etc. and try to install
your device & driver as a non-admin user. See if your ‘bug’ still exists in
those conditions. If so, well, maybe you got something.

Good Luck,
Dave Cattley


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Dave,

The driver isn’t signed at all.

I agree about the clean OS install tests but it’s quite a task. Rather just ask other people if they see the same situation?

Previously I installed via “devcon” and now I’ve been using device manager. When I insert the USB cable it comes up with “Found new hardware” window. If you select “Locate a driver” it’ll prompt for admin. At this point if you close the window or select “Ask me later”, it appears as unconfigured in device manager tab “Other devices”.

Clicking the driver it shows properties and says the device isn’t configured properly. If I then click the “Reinstall” button it comes up with a search and install driver window but does not prompt for admin and happily installs, selects a configuration and runs (clicking browse and showing it a driver location).

Should this happen? I think it’s a bug but I suppose it could be to do with X64 ignore sign boot option?

d

You ran device manager as a non-admin user?
Did you have to provide a driver package to the wizard for it to ‘find’ one
or did it find one all by itself?

Chances are you are seeing that (as far as Windows is concerned) you already
installed the package, unsigned, with enough privilege at the time you did
so, and that was enough. Installing a ‘device’ with a package already on
the system and registered in the DrvStore (AFAIK) does not require any sort
of privilege. Putting the driver there in the first place did, however.

Anyway, you really should test your scenario on a ‘clean’ and properly
provisioned system that has not had its configuration and security
compromised by developer activity before claiming to have found a ‘bug’ in
the OS. You may well have found something (I am not going to do this test
but I encourage you to) but the burden of proof is pretty high.

Good Luck,
Dave Cattley

Dave,

I did a check with “devcon” that the INF wasn’t in the system. I pointed the hardware wizard to my driver’s INF file for it to install and yes the computer has had it installed before, however I uninstalled it. I did check it wasn’t in the Windows INF catalogue but I suppose that doesn’t prove anything much.

d

I don’t think you are running in a ‘standard user’ context like you say you
are.

When I run “Device Manager” on Vista SP2 from a ‘standard user’ login, I get
a very polite message telling me to go pound sand and find an administrator
:).

The mere fact that you can run DevMgmt.msc would indicate you are logged in
as an administrative user.

Good Luck,
Dave Cattley

Sorry, forgot to finish that sentence precisely

“The mere fact that you can run DevMgmt.msc and access the Update Driver
function would indicate you are logged in as an administrative user.”

Good Luck,
Dave Cattley

Dave,

You are right, I’ve just been putting the machine to sleep with device manager open so can’t remember when I opened it but I did have admin rights then. However it still doesn’t prompt using that install method once open whereas it does prompt upon new hardware found.

d

That is because the Device Manager process already had the privilege whereas
the FNHW does not until you elevate it.

Good Luck,
Dave Cattley
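
The explanation above, that elevation belongs to the process and not to the logon session, can be checked before repeating an install test. This is an added example, not part of the original thread; the function name Get-InstallContext is hypothetical and it reports only on the process it runs in.

```powershell
# Added example: report the security context an install test would run under.
function Get-InstallContext {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator

    # True only when this process holds an enabled Administrators group,
    # i.e. it was started elevated.
    $elevated = $principal.IsInRole($adminRole)

    # A filtered (non-elevated) UAC token of an admin account still lists the
    # Administrators SID as a deny-only group; a standard user lacks it entirely.
    $adminSidInToken = [bool](whoami /groups /fo csv /nh |
        Select-String -SimpleMatch 'S-1-5-32-544')

    # Boot options recorded for the running system. TESTSIGNING appears here
    # when test-signing mode has been enabled with BCDEDIT.
    $control     = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control'
    $bootOptions = [string]$control.SystemStartOptions

    [pscustomobject]@{
        User               = $identity.Name
        ProcessId          = $PID
        ProcessIsElevated  = $elevated
        AdminSidInToken    = $adminSidInToken
        TestSigningEnabled = ($bootOptions -match 'TESTSIGNING')
        BootOptions        = $bootOptions.Trim()
    }
}

Get-InstallContext | Format-List
```

A Device Manager window opened earlier with admin rights keeps those rights until it is closed, whatever this reports for a newly started console.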

What type is your driver? For UMDF, you don’t need signatures, and
possibly not even privileges.

> For UMDF, you don’t need signatures, and
> possibly not even privileges.

Not correct. Your package needs to be signed and you are installing km components with umdf so the same privs are also required.

d

tiny phone keyboard + fat thumbs = you do the muth


>> For UMDF, you don’t need signatures, and possibly not even
>> privileges.

On 1/16/2010 5:12 PM, Doron Holan wrote:

> Not correct. Your package needs to be signed and you are installing
> km components with umdf so the same privs are also required

On Vista/64, my unsigned “BulkUSB” WUDF driver worked without signature.
Am I missing something? Are there now more checks in place?