Forum: SuRun English speaking RSS
SuRun doesn't preserve process parent
xarx #1
Mitglied seit 03/2018 · 6 Beiträge
Gruppenmitgliedschaften: Mitglieder
Profil anzeigen · Link auf diesen Beitrag
Betreff: SuRun doesn't preserve process parent
This problem is related to the problem that SuRun interferes elevation of all windows processes, not only those started with SuRun. (I pointed this out in a previous thread in this forum.)

I use a file-manager (FarManager, https://www.farmanager.com/) that allows elevation of its own rights when copying files to a folder that needs it (e.g. to "Program Files"). It does that by creating a sub-process with elevated rights. The sub-process is invisible (it does not have its own window), and its parent process is normally the file-manager process.

After installing SuRun, it doesn't work this way anymore. When the file-manager wants to elevate itself, the secure desktop occurs as usual, but now with the SuRun dialog instead of the standard Windows one. The result is that the elevated file-manager process is now visible and its parent is not the original file-manager process.

Windows 7 Pro x64, SuRun 1.2.1.2.
xarx #2
Mitglied seit 03/2018 · 6 Beiträge
Gruppenmitgliedschaften: Mitglieder
Profil anzeigen · Link auf diesen Beitrag
Betreff: Solution
The solution is the same as http://forum.kay-bruns.de/post/4085. Turning off the feature solves both problems.
Kay (Administrator) #3
Benutzertitel: Weltverbesserer
Mitglied seit 11/2007 · 1479 Beiträge · Wohnort: Magdeburg
Gruppenmitgliedschaften: Administratoren, Mitglieder
Profil anzeigen · Link auf diesen Beitrag
Sorry for the late answer.

If SuRun needs to create an elevated process it cannot set the parent process for the new child.
A helper surun.exe will start the child process and then terminate.
So the parent child relationship between the two processes is never set.
The helper Process is needed because the elevated token should not go to the non elevated calling process to not make it readable to malware.
You can tell SuRun to not set a hook into programs via the setup.
The UAC pops in and preserves the processes relationship.
Schließen Kleiner – Größer + Auf diesen Beitrag antworten:
Prüfcode: VeriCode Gib bitte das Wort aus dem Bild ins folgende Textfeld ein. (Nur die Buchstaben eingeben, Kleinschreibung ist in Ordnung.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Weitere Zeichen:
Gehe zu Forum
Nicht angemeldet. · Kennwort vergessen · Registrieren
This board is powered by the Unclassified NewsBoard software, 20150713-dev, © 2003-2015 by Yves Goergen
Seite erstellt in 65,4 ms (25,2 ms) · 53 Datenbankabfragen in 12,4 ms
Aktuelle Zeit: 16.08.2018, 15:43:18 (UTC +02:00)