Jump to content

CCleaner privilege elevation on standard accounts.

aphanic

By aphanic
in CCleaner Bug Reporting

 Share

Recommended Posts

aphanic

aphanic

Posted
Posted

Hi, I'd like to report a bug and some thoughts on how it could be addressed.

 

Today I reinstalled my machine which is running Windows 8.1 Pro and I setup two accounts: one with administrative privileges and a standard one which will be the one I'll use on a daily basis.

 

If CCleaner bypasses UAC there's no warning about the user not having administrator rights, which in turn causes uninstallation of programs impossible with an error dialog popping up if the user tries to uninstall something.

 

Thinking about it... I see two one ways to deal with this:

 

 - Change CCleaner's manifest to require administrator rights to be run. As of now it's set to "asInvoker", setting it to "requireAdministrator" would effectively ask for admin rights when opening the application. I don't really like this option, but it is one way nonetheless.

 

 - Leaving things as they are, but checking if the user has actually administrative rights when trying to do things that would require them (you could use the Windows function CheckTokenMembership() for that). This one seems like a good idea to me, for example if the user were not an administrator you could notify him/her with a dialog when entering the "Uninstall" section, asking if he/she'd like to launch CCleaner with admin privileges, elevating itself (i.e. relaunching through UAC authenticated as an admin user).

 

In any case... a warning should be displayed or the user notified that uninstallation of applications would be impossible if CCleaner is running without administrative privileges.

 

EDIT:

 

After more thoughts... since elevation in this case would cause the program to be run under a different user, cleaning personal stuff (of the unprivileged user) would require knowing which user ran CCleaner in the first place. That's something to take into account if the application is relaunched elevated.

 

"requireAdministrator" would complicate things even further, knowing the user would be more convoluted.

Link to comment
Share on other sites
Alan_B

Alan_B

Posted
Posted

I think CCleaner is working properly and any solution would be a bug.

 

If a User has no admin right to install a program then he should not be enabled to uninstall what was installed by an administrator.

It is the administrator who installs and as the privilege of removing.

Link to comment
Share on other sites
  • 2 years later...
Alan_B

Alan_B

Posted
Posted

Alan, you don't really have a clue what UAC stand for, right?

 

I second the argument by aphanic, that CCleaner has a problem here, and thus it is no replacement for Windows inbuilt "program remove" dialog :-(

Conversely you REALY do not have ANY CLUE about :-

My knowledge of UAC as it was three years ago in the abysmal Windows 8.1 ;

Nor of my PRESENT knowledge and experience of UAC in Windows 10 ;

Nor of the fact that three years ago the prime purpose of CCleaner was to remove junk,

and NOT to be a replacement for Windows inbuilt "program remover".

 

Regards

Alan

Link to comment
Share on other sites
  • Moderators
mta

mta

Posted
  • Moderators
Posted

Windows and CC have had too many versions for this thread to be dug up again, and then to instantly degrade into a slanging match.

 

@copa017, there was absolutely no need for your first inflammatory, troll like sentence.

 

This thread is closed.

Backup now & backup often.
It's your digital life - protect it with a backup.
Three things are certain; Birth, Death and loss of data. You control the last.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept