Qs about DropMyRights

Discussion in 'other security issues & news' started by aigle, Oct 19, 2006.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Just recently installed DropMyRights and I have a few Qs.

    1- When my browser or any other application is running under DMRs, is there any way to know whether the application is running under DMR or with normal admin privileges?

    2- When I run IE or FF via the DMRs shortcut, Comodo firewall tells me of a new parent, DMRs, for IE and FF, but when I run Opera with DMRs, I don't get such a pop-up. What does it mean? Is Opera not running under DMRs, or is Comodo missing it here?
    I tried many times and got the same results.

    Thanks for any responses.
     
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    I don't know how to do that without an external app. I always use the excellent little free app Process Explorer, which gives a lot of info on what is going on.
    Double-click on firefox.exe or iexplore.exe and choose the Security tab. In the topmost line, which says BUILTIN/ADMINISTRATORS:
    "Owner" means that it has admin rights
    "Deny, Owner" means that it has user rights.

    http://www.sysinternals.com/Utilities/ProcessExplorer.html
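
Added example (not part of any post in this thread): the Process Explorer check above reads the BUILTIN\Administrators entry of a process token, and the Python below classifies the same entry from the text of `whoami /groups /fo csv`. It assumes the output was captured in a console started through DropMyRights on an English-language Windows; the function name and the sample outputs are constructed for illustration.

```python
import csv
import io

ADMINS_SID = "S-1-5-32-544"  # well-known SID of BUILTIN\Administrators


def admin_state(whoami_csv):
    """Classify the Administrators entry in `whoami /groups /fo csv` text.

    Returns "enabled" (shown as "Owner" per the post above), "deny-only"
    (shown as "Deny, Owner"), "disabled", or "absent" (a real limited account).
    """
    for row in csv.DictReader(io.StringIO(whoami_csv.strip())):
        # Match on the SID: the group name is localized, the SID is not.
        if (row.get("SID") or "").strip() != ADMINS_SID:
            continue
        attrs = (row.get("Attributes") or "").lower()
        # Assumption: English attribute strings as printed by whoami.
        if "deny only" in attrs:
            return "deny-only"
        if "enabled group" in attrs:
            return "enabled"
        return "disabled"
    return "absent"


# Constructed sample outputs (not captured from a real machine).
HEADER = '"Group Name","Type","SID","Attributes"\n'
USERS = (r'"BUILTIN\Users","Alias","S-1-5-32-545",'
         '"Mandatory group, Enabled by default, Enabled group"' + "\n")
FULL_ADMIN = HEADER + USERS + (
    r'"BUILTIN\Administrators","Alias","S-1-5-32-544",'
    '"Mandatory group, Enabled by default, Enabled group, Group owner"' + "\n")
DROPPED = HEADER + USERS + (
    r'"BUILTIN\Administrators","Alias","S-1-5-32-544",'
    '"Group used for deny only"' + "\n")
LIMITED = HEADER + USERS

if __name__ == "__main__":
    for name, text in [("admin console", FULL_ADMIN),
                       ("console via DropMyRights", DROPPED),
                       ("limited account", LIMITED)]:
        print(f"{name}: Administrators group is {admin_state(text)}")
```

A "deny-only" result means the group stays in the token but can only match deny entries in an ACL, which is why the process behaves like a limited user.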
     
  3. aigle

    aigle Registered Member

    Thanks for the info.
    I have Process Explorer, so will see it.
     
  4. Coff

    Coff Registered Member

    Joined:
    Oct 29, 2005
    Posts:
    53
    Location:
    UK
  5. aigle

    aigle Registered Member

    IE and FF are running under DMRs but Opera doesn't, in spite of starting it from the proper shortcut.
    It's strange.
     

    Attached Files:

  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    Hello,
    Prefix the Opera shortcut with the DropMyRights shortcut. Then try again.
    Mrk
     
  7. dog

    dog Guest

    I don't understand the need for this software, as it encourages doing something backwards. One should run as a limited user and use "run as ..." for applications that require higher privileges (which should be only a few anyway). Why run additional software (which may introduce new flaws/exploits) when a similar and more encompassing ability is already present in the operating system?
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hello,
    Supposedly, the limited user "should" work properly. But it doesn't. Remember, it ain't Linux. It's Windows. For instance, you cannot retrieve server list in eMule using Limited user (at least I couldn't and some friends I know), although eMule works perfectly as its own unprivileged user in an admin account.
    Many apps fail to work correctly, games included.
    Backward thinking is how they designed the admin / limited account functionality. Once again, Linux pwns.
    Mrk
     
  9. dog

    dog Guest

    I ran Windows as Limited User and didn't have any real issues. I only had 2 apps as far as my memory serves me that needed admin privileges (PG and RegRun off the top of my head). I'm not a gamer, so I can't speak to that ... but it shouldn't require higher privileges. I did file sharing as a limited user and never encountered an issue, but I didn't use eMule either.

    I agree *nix has it right and thankfully M$ recognize that, and will now go this route with Vista and beyond. It'll go a long way to making the internet better for everyone.
     
  10. aigle

    aigle Registered Member

    Sorry, did not understand.
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hello,
    In your "c:\program files\opera\opera.exe" line:
    You need to add c:\program files\dropmyrights.exe before opera line
    like this:

    c:\program files\dropmyrights.exe "c:\program files\opera\opera.exe"

    This is the right line, regardless of start with.
    Now make sure you write the correct path to dropmyrights.

    And select run as minimized.

    Mrk
     
  12. aigle

    aigle Registered Member

    OK, but I can't do that.
     

    Attached Files:

  13. Coff

    Coff Registered Member

    Have you placed the dropmyrights.exe directly into your Program Files Folder or is it inside a folder named DropMyRights which is inside your Program Files Folder?

    If it's the latter the shortcut location should read :

    "c:\Program Files\DropMyRights\dropmyrights.exe" "c:\Program Files\Opera\opera.exe"
     
  14. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,046
    This might be interesting to you
    http://www.sysinternals.com/blog/2006_03_01_archive.html

    The vast majority of Windows users run as members of the Administrators group simply because so many operations, such as installing software and printers, changing power settings, and changing the time zone require administrator rights. Further, many applications fail when run in a limited-user account because they’re poorly written and expect to have write access to directories such as \Program Files and \Windows or registry keys under HKLM\Software.

    An alternative to running as limited user is to instead run only specific Internet-facing applications as a limited user that are at greater risk of compromise, such as IE and Outlook. Microsoft promises this capability in Windows Vista with Protected-Mode IE and User Account Control (UAC), but you can achieve a form of this today on Windows 2000 and higher with the new limited user execution features of Process Explorer and PsExec.

    Also explains how the tokens are stripped
     
  15. Mrkvonic

    Mrkvonic Linux Systems Expert

    Hello,
    Like I said make sure the dropmyrights prefix is CORRECT!
    You know the full path to it. Place it before opera path.
    And below Run > Minimized.
    Mrk
     
  16. aigle

    aigle Registered Member

    Ya exactly, it was the case. It works now. Thanks. The only thing is that the icon of Opera is replaced by the plain exe icon.
     
  17. aigle

    aigle Registered Member

    OK, thanks. It worked now. As I said, the icon of Opera is gone. Any way to get it back?
    Also, why is the path different for IE and FF as compared to Opera?
     
  18. Coff

    Coff Registered Member

    You can use Icons from File to extract the Opera icon to a folder of your choice. Put the folder in a permanent location. http://www.vlsoftware.net/exico/

    Then right click your shortcut > Properties > Change Icon and browse to the location of your saved Opera icon.
     
  19. Coff

    Coff Registered Member

    The correct shortcut locations for Internet Explorer and Firefox are :

    "C:\Program Files\DropMyRights\dropmyrights.exe" "C:\Program Files\Internet Explorer\iexplore.exe"

    "C:\Program Files\DropMyRights\dropmyrights.exe" "C:\Program Files\Mozilla Firefox\firefox.exe"
     
  20. tlu

    tlu Guest

    Exactly. And as for DropMyRights, it's the wrong way anyway. There is at least one other process (namely explorer.exe) permanently running with admin rights which is an easy target for malware using Windows messaging. An interesting read is http://blogs.securiteam.com/index.php/archives/188 . It's always astonishing how many users spend a lot of time in configuring zillions of security programs instead of solving the problems they might have with some applications under a limited account with Regmon and Filemon.
     
  21. aigle

    aigle Registered Member

    Thanks. I just changed the icon from shortcut properties by browsing to the Opera folder in Program Files.
     
  22. aigle

    aigle Registered Member

    But this one also works with IE and FF, not with Opera.
     

    Attached Files:

  23. aigle

    aigle Registered Member

    So how do you people compare DMR with PsExec from Sysinternals? Are they the same, or is either one better?
     
  24. starfish_001

    starfish_001 Registered Member

    I prefer the Sysinternals version - easy to use. Particularly Process Explorer - has a menu for run as ....


    If you look at the link I posted - it shows you how to look at the tokens for running processes.

    Both options strip tokens to a minimum so should be equivalent...
     
  25. Coff

    Coff Registered Member

    Yes, sorry about that, Aigle, your method is simpler. I had used Icons from File to extract some of the hidden icons from the Opera Folder so I could easily recognise the DropMyRights version.

    As regards your shortcuts to IE and Firefox I can't pretend to figure out how you got the one in the screenshot to work but, if it works, it works.

    It does say that the "Target location" is DropMyRights but the "Target" just points to the normal location of iexplore.exe. When you have that Properties window open can you scroll to the left in the "Target" box to show a reference to the dropmyrights.exe or is what is showing in the screenshot all there is?
     