Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Using "Run as Administrator" from a User Account


  • Please log in to reply
10 replies to this topic

#1 Warthog-Fan

Warthog-Fan

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:10:42 PM

Posted 26 June 2017 - 08:24 AM

Hi,

 

I have a VPN program called Private Internet Access. It is really designed to run from an Administrator account. When I log onto my Administrator account on the computer, the VPN starts automatically and connects me to the VPN service. If I log on to my User account (which is what I usually use) the VPN does not start. However, if I right-click the Private Internet Access icon and select "Run as Administrator" then the VPN will start and connect me to the VPN service.

 

The reason that I almost always operate the computer as a User is that this provides much better security when surfing the internet, as compared to operating as an Administrator. But if I am running the VPN as an Administrator does this make me just as vulnerable to internet threats as if I were actually logged on as an Administrator, or do the Administrator rights only extend to the Private Internet Access program?

 

Thanks in advance.


Edited by hamluis, 26 June 2017 - 08:29 AM.
Moved from Win 7 to Gen Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,226 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:09:42 PM

Posted 26 June 2017 - 09:33 AM

Administrator rights only extend to the program to which they are granted when you use "Run as Administrator" under a standard Win10 account.  I presume you're being prompted for the userid and password of the/an admin account when you do this, as the program will then be running under that user's credentials.

 

All other programs are running under the user that you're logged in as and with the permissions that user has.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 


#3 Warthog-Fan

Warthog-Fan
  • Topic Starter

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:10:42 PM

Posted 26 June 2017 - 10:51 AM

This is a Windows 7 OS, but I assume that the statements that you made will also apply to Windows 7.

 

Yes, when I start the VPN program with the "Run as Administrator" function, the OS prompts me for the Administrator's password. So if I understand you correctly, if malware were to try to install itself from an internet web site, it would still require Administrator approval to do so, even though the internet interface (the VPN) has Administrator privileges. Correct?



#4 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,226 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:09:42 PM

Posted 26 June 2017 - 11:42 AM

I cannot answer your direct question, and probably no one can.

 

There are so many techniques for getting around security that can be used that there is likely some way something might get in.

 

The fact of the matter is that the vast majority of viruses and malware of all types are directly "invited in" via end-user action.  Very few sneak in, as they don't need to.

 

If you follow even half of the recommendations in Quietman7's Best Practices for Safe Computing it is highly unlikely that you'd ever get an infection of any sort.  I've run under an administrator account (and ideally one shouldn't) for decades now, following my own subset of the recommendations Quietman7 makes, and I have not had an infection on any machine I use within memory (and I'm not losing my memory, thank heaven).

 

An ounce of prevention generally obviates the need for a pound of cure, and that ounce of prevention comes from what you, the end user, actually do.


Edited by britechguy, 26 June 2017 - 11:44 AM.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 


#5 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:42 PM

Posted 26 June 2017 - 04:56 PM

Shane from Tweaking.com (Windows Repair All-in-One, Registry Backup, etc.) and I once had a conversation about "UAC fatigue", in which users become so accustomed to clicking Yes to allow programs to execute that it almost becomes automatic.

 

Some malware can elevate privileges on their own, but often, users do it for them.



#6 Warthog-Fan

Warthog-Fan
  • Topic Starter

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:10:42 PM

Posted 26 June 2017 - 05:53 PM

jwoods301,

 

After all that I've read on malware and how it is contracted, I'm paranoid about clicking links. I delete emails without opening them unless they are from someone that I know, and I never click on ads that show up on web pages. If I'm not deliberately looking for it, I avoid it. I probably go to the opposite extreme, but better safe than sorry.



#7 jwoods301

jwoods301

  • Members
  • 1,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:42 PM

Posted 26 June 2017 - 06:12 PM

jwoods301,

 

After all that I've read on malware and how it is contracted, I'm paranoid about clicking links. I delete emails without opening them unless they are from someone that I know, and I never click on ads that show up on web pages. If I'm not deliberately looking for it, I avoid it. I probably go to the opposite extreme, but better safe than sorry.

 

These articles fron Brian Krebs may be of interest...

 

https://krebsonsecurity.com/2011/05/krebss-3-basic-rules-for-online-safety/

 

https://krebsonsecurity.com/tools-for-a-safer-pc/



#8 Warthog-Fan

Warthog-Fan
  • Topic Starter

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:10:42 PM

Posted 26 June 2017 - 07:23 PM

jwoods301,

 

Thanks. I'll check them out.



#9 GoofProg

GoofProg

  • Banned
  • 224 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:42 PM

Posted 29 June 2017 - 01:39 PM

Ugh.  If you want secure then just create a virutal machine and surf the web that way.  If it goes down it is so easy to rebuild it.

I suggest making a virtual with Linux because using a windows OS for it is quite expensive.

 

It is a spin from sandboxing the browser which was popular back in the hayday.

 

The idea is run the cookies all over the place.  The whole environment just gets flattened by the mad construction company and it is rebuilt by being a city project from the Mayor.  (and then you bill the person that wrecked your creation in the first place.)



#10 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 9,226 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:09:42 PM

Posted 29 June 2017 - 02:14 PM

Ugh.  If you want secure then just create a virutal machine and surf the web that way. 

 

Why not just practice the very easy to follow safe computing practices that apply to one's own situation and avoid the whole hassle.  A great many of the things discussed there will not be pertinent to specific users.

 

If someone is getting infected on a constant basis then it is almost certainly their own behavior that's bringing this on.

 

This is a solution for a problem that needs a different one, not that it won't work, but it doesn't address the root issue.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1809, Build 17763 

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

             ~ Brian Vogel

 

 

 

              

 


#11 Warthog-Fan

Warthog-Fan
  • Topic Starter

  • Members
  • 312 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:10:42 PM

Posted 29 June 2017 - 07:18 PM

I agree, Brian.

 

I was concerned about whether I was leaving my entire computer open to malware by running only one program "As an Administrator". I think that you've answered that, and I will continue to use safe surfing practices.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users