As far as I remember the secret is to log in as admin and change the ownership of the files to yourself, then change permissions and then do whatever the f you want with the files.
this post was submitted on 08 Jul 2024
636 points (96.9% liked)
Programmer Humor
31968 readers
402 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
Did I do something odd when I set up my windows 11 machine?
If Microsoft has something marked as admin access, it just presents me with a dialogue asking if I want to do whatever as admin
I mean it's not like I have open hardware so there's a whole lot of my machine I really have no practical access to, but everything this guy wants is there
Him saying he's the owner suggests a private machine, so no corporate lockout from system components. Do computer shops set up admin accounts and lock their customers out as low-privileged users?
I want to say "Haha, Idiot trusting Microsoft".
But honestly I want the same stuff he wants. Including modems in mobile phones. Including EVERYTHING I own.
There's an OS you might like. It has no UAC, no file permissions, no sudo nor chmod, as it has no multi-user support, no antivirus and no firewall, no protection rings, not even spectre/meltdown mitigations, and most of all - no guard-rails whatsoever: You can patch the kernel directly at runtime and it won't even give you a warn. And yet, it is perfectly safe to run. It's called TempleOS and it achieves such a flawless security by having no networking support whatsoever and barely any support for removable media. If you want a piece a software - you just code it in, manually. You don't have to check the code for backdoors if it's entirely written by you... only for CIA at your actual back door...
Huh, didn't realise Windows is on a level to be compared to TempleOS. And losing. Thanks for that.
What does 'modems in mobile phones' mean? Isn't the whole thing a modem strapped onto a screen? What am I missing?
A lot of phone modems ship with their own SoC (processor) running its own OS. It's much smaller and slower than the main phone SoC but, depending on its implementation, it can have full access to all of your main processor's memory through DMA.
I just saw discussions like this
So no, there are more parts to your phone. You forgot the whole part you, the user, solely interact with.
I think they just mean they should have control over the modem. They are all locked down and proprietary with known backdoors throughout history, effectively bypassing any OS level security.
Andrew is going to get malware on his PC, guaranteed.
Is this real? Are people having to request permission changes on files by petitioning microsoft to change their permissions?
I'm a sysadmin and I work with Windows a lot.
The short version is that only the users granted permission to a given set of files can access those files. With NTFS permissions it's... Complicated. You can have explicit permission to a file, or implied permission via a group that you're a part of, or some combination of those things. You can also have read, but no write. You can have append but not create, you can have delete, but not list. It's a lot of very granular, very crazy permissions.
There's also deny permissions which overrule everything.
What has likely happened is that the posters user account doesn't have implied or explicit permission to the file, but if you sign in as an administrator, even if the administrator doesn't have permission to read/write/append/delete the file, the administrator has permission to take ownership of a file, and as owner, change the permissions of a file. Being owner doesn't mean you can open/read/write/append/delete anything, you can just change permissions and give yourself (or anyone else) permissions to the file.
Changing ownership is a right which, as far as I'm aware, cannot be revoked from admin level users. They can always change ownership. Owners of files cannot be denied the right to change the permissions of a file as far as I know. This will always result in some method by which administrative level accounts can recover access to files and folders.
In my experience, exceptions exist but are extremely rare (usually to do with kernel level stuff, and/or lockouts by security/AV software).
The poster might legally and physically own the device and all the data contained therein, and may have an administrative level account on that device, but the fact is, their NTFS permissions are not set to allow them access to the data. The post they're replying to is trying to let them know how to fix it by using an administrative level account and they're not tech-savvy enough to follow along.
I don't blame them. File permissions issues are challenging even for me, and I fully understand the problem.
Huh, having separate append permission is interesting. i didn't realize that was an option.
Yep, there's actually quite a few more than what I mentioned, if you get into the advanced dialogs.
IMO, it's unnecessarily complicated, but given that NTFS is used for network file sharing in large companies, I get why it's so crazy. They probably demand those kinds of granular permissions.
I know Linux is a lot simpler. Just read/write/execute, and a single group, single owner, and a setting for "everyone else" kind of thing, which is generally sufficient for 90% of use cases.
I think what happened here is that something went wrong and messed up the permissions of some of the users files. MS help suggested that he login as an administrator and reatore the intended permissions.
I don't work with Windows boxes, but see a similar situation come up often enough on Linux boxes. Typically, the cause is that the user elevated to root (e.g. the administrator account) and did something that probably should have been done from their normal account. Now, root owns some user files and things are a big mess until you go back to root and restore the permissions.
It use to be that this type of thing was not an issue on single user machines, because the one user had full privileges. The industry has since settled on a model of a single user nachine where the user typically has limited privileges, but can elevate when needed. This protects against a lot of ways a user can accidentally destroy their system.
Having said that, my understanding of Windows is that in a typical single user setup, you can elevate a single program to admin privileges by right clicking and selecting "run as administrator", so the advice to login as an administrator may not have been nessasary.
So this guy is just bitching because he sudo installed something?
It’s not MS having to manage your folder permissions remotely?
I feel like he has a machine that someone set up for him, and he can't escalate permissions, because he's on a basic user account.
The normal way this works on a single user machine is:
- You try to do something that is restricted to admin
- Windows puts up a modal dialogue box asking if you want to do it as admin
- You click yes
- You do it as admin
But in that case he can't have locked himself out of a file, he can only be locked out of things Microsoft think you shouldn't muck with unless you know what you're doing
On that last part, theres a difference between elevating a file to admin, and being an admin in Windows.
In a lot of cases the ui is GREATLY simplified when not an admin, to the point where you might only have like 20% of all available options.
For the standard user? Great! Not when you're messing around with permissions.
It's why you ALWAYS log in as Admin when setting up a windows server. Iirc you can't even install tiles without actually being an admin, even if you have all logins.
From my experience with windows, your current guess is correct btw :D
view more: next ›