Admin bookmarks Revealed

Discussion in 'privacy problems' started by CloneRanger, Dec 26, 2011.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    I'm the Admin on a relatives comp, as they are clueless :D

    Today before i arrived someone wanted to watch something on it as a regular user that required Flash. They got a message saying an update to Flash was needed to view, but couldn't install the latest V due to not having the Admin PW.

    When i arrived i was told of this, so later on i fired up the comp in the regular users account & installed it when prompted for the Admin PW. To my Great surprise when i next launched FF & went to the Bookmarks to click on Scroogle for someone to use, i was presented with my Bookmarks from the Admin account :eek: I closed FF & relaunched it & the Bookmarks were now the regular users.

    I don't have Any dodgy etc Bookmarks on there, but if i had, or others do, it could be Very embarrassing or worse, to say the least !

    How could Admin Bookmarks get launched from a regular users account ?
     
  2. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    Is it possible that Firefox exists only one Profile? The Default Profile.

    FF001.png

    Firefox stores settings, home page, toolbars, passwords, bookmarks in the file 'places.sqlite' that is located
    within an special profile folder that is kept in an separate place from the Firefox program called the Profile.


    Managing Firefox Profiles:
    http://support.mozilla.org/en-US/kb/Managing-profiles


    HKEY1952
     
  3. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    What if you are using portable Firefox? Does that profile get intermingled with the desktop Firefox??
     
  4. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    This is an easy one. Any time you are prompted to elevate in Windows 7 (or Vista) that program now runs under the credentials of the account entered when you are prompted. This is true of any program. If you launch ANY program as admin everything it links to is also as admin.

    Go ahead and launch any program as admin and try to open a file and browse to the desktop. See that it is the admins desktop that is presented in the open file dialog, not the limited user that is currently logged in. Launching a web browser as you have seen will expose all of your favorites and history and so on. Also notice that this process runs with high integrity, which could be highly dangerous for a web browser. Any time you have to elevate a process in a standard user account with admin credentials, make sure to close that program immediately when the task is completed and restart it.

    This is not as noticeable when you are running as a limited admin as when you elevate you are still under the same user. When you are elevating for a different user, it is more noticeable. However it is equally dangerous. Process Explorer is your friend. Run it as admin and display the Integrity column and play with elevating some processes and watch what it does. :ninja:
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Thanks for the responses :) i thought i wasn't going to get any :(

    @ HKEY1952

    Next time i'm round there, i'll check the Profile :thumb:

    @ caspian

    Don't know, as it's an install version of FF, but good point :thumb:

    @ xxJackxx

    Interesting & Alarming ! Looks like you've cracked it :thumb: I'll be Much more wary in future.
     
Loading...
Thread Status:
Not open for further replies.