ReactOS UAC suggestion

Here you can discuss ReactOS related topics.

Moderator: Moderator Team

Post Reply
User avatar
jonaspm
Posts: 585
Joined: Mon Nov 21, 2011 1:10 am
Location: Mexico
Contact:

ReactOS UAC suggestion

Post by jonaspm »

I was watching in YouTube "how to speed up PC" since Windows 7 comes with a lot of system processes and it becomes slower than it should run...

So i found this tip (UAC settings -> do not dim desktop), and tried it, it speeds up PC a bit, i don´t know if it saves RAM usage or Processor usage but it works, and i feel my computer faster and more responsive...

I think this should be implemented in ROS... i mean, the "do not dim desktop trick" since it does not help in anything to dim desktop

here´s the link: http://www.technixupdate.com/set-uac-in ... t-appears/

Maybe the "Secure Desktop" can be used without dimming the desktop?

milon
Posts: 969
Joined: Sat Sep 05, 2009 9:26 pm

Re: ReactOS UAC suggestion

Post by milon »

jonaspm wrote:I think this should be implemented in ROS... i mean, the "do not dim desktop trick" since it does not help in anything to dim desktop
ReactOS already implements the "do not dim desktop" feature. :D

BrentNewland
Posts: 176
Joined: Wed Oct 05, 2011 7:32 am

Re: ReactOS UAC suggestion

Post by BrentNewland »

From what I understand, getting a UAC prompt opens up kind of a "virtual" desktop (like it does when you hit ctrl-alt-del and get the screen where you can start task manager in Windows 7). That's so other programs can't approve the UAC prompt.

Turning it off would theoretically allow malware to auto-approve UAC prompts.

User avatar
jonaspm
Posts: 585
Joined: Mon Nov 21, 2011 1:10 am
Location: Mexico
Contact:

Re: ReactOS UAC suggestion

Post by jonaspm »

BrentNewland wrote: Turning it off would theoretically allow malware to auto-approve UAC prompts.
your right, but i mean activate that desktop without dim the screen since it.uses a lot of ram

PurpleGurl
Posts: 1788
Joined: Fri Aug 07, 2009 5:11 am
Location: USA

Re: ReactOS UAC suggestion

Post by PurpleGurl »

We don't have UAC, so the dimming the desktop option is not applicable. In 7, they dim the desktop to get users attention. Like you said, that takes resources and is not compatible with all hardware, so they have a setting to turn it off. AFAIK, we don't even have UAC, so this is a trivial matter for now.

milon
Posts: 969
Joined: Sat Sep 05, 2009 9:26 pm

Re: ReactOS UAC suggestion

Post by milon »

jonaspm wrote:
BrentNewland wrote: Turning it off would theoretically allow malware to auto-approve UAC prompts.
your right, but i mean activate that desktop without dim the screen since it.uses a lot of ram
Whether or not it uses RAM doesn't really matter - it interrupts EVERYTHING else, so it's not like that RAM is going to be needed for anything. ;)
But it's strange if it uses a lot of RAM. How did you determine that? I wouldn't think that darkening the screen would be very memory-intensive...

swight
Posts: 130
Joined: Thu Jan 10, 2008 10:31 pm

Re: ReactOS UAC suggestion

Post by swight »

It depends on how it functions. I could possibly see it using a bunch of memory if it is working sorta like the sleep or hibernation function where most of the OS is shutdown and saved to RAM or hard disk. This would be kinda the wholesale approach to the problem by saying nothing except this subsection of the OS should be functioning at this time. This is true but may be a little overkill.

Another approach would just to send the graphics card a colored quad(to dim the screen) and make sure all input functions that could be triggered by programs have a wait instruction of some sort that would prevent them from completing till the UAC went away. Then display the message to be approved. This would use almost no memory(beyond the amount currently being used) at all but it requires that the developers be on the look out for all the relevant input functions and functions that can do input indirectly as well.

So 1st method=lazy,slow,but very secure
2nd method=More work required,fast,fairly secure but holes are possible.

Dimming the desktop in it's self would not make a computer use much RAM unless the developer chose to be stupid and used a 32-bit image the size of the desktop. And then it would be 4*XScreenResolution*YScreenResolution bytes. There are much more efficient routes that only require inputting 4 X/Y positions and a color.
The part the uses up Ram is much more likely what is happening behind the scenes to prevent programs from playing with the UAC prompt. And note that when you disable dimming the desktop you also disable this security measure. That is why you get a performance improvement from disabling this feature.

milon
Posts: 969
Joined: Sat Sep 05, 2009 9:26 pm

Re: ReactOS UAC suggestion

Post by milon »

I just assumed (previously) that Windows did a blend of the 2 options - tell the graphics card to dim the screen, and then suspend all non-Windows processes (and maybe even the non-critical Windows processes) until Admin rights had been given or cancelled. Are there any flaws with that approach?

Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: ReactOS UAC suggestion

Post by Z98 »

There would be no reason to suspend processes globally. The process asking for elevation might be suspended depending on how it was written/how old it is.

swight
Posts: 130
Joined: Thu Jan 10, 2008 10:31 pm

Re: ReactOS UAC suggestion

Post by swight »

Actually there is a reason it should effect all programs. Basically a program could theoretically start another program to dismiss a UAC prompt it knows is going to come up shortly. This would essentially allow the program to elevate it's own permissions if UAC wasn't password protected. The idea of the dim the screen feature is to prevent ANY program from hitting the OK button instead of the real user. If you are only stopping the program asking for permission you open up this scenario.

And you don't have to suspend them all if you lock down all I/O operations properly. But as I said before you have to consider all of the possible vulnerabilities. If that isn't possible then suspension is the better answer. Another route would to make sure the UAC window ignores all input not directly from the user. Though I am not sure how that would be implemented it would probably be the most efficient method if it was possible.

Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: ReactOS UAC suggestion

Post by Z98 »

There's no way a program that wasn't already elevated can dismiss a UAC prompt. They'd need to cross desktop sessions to pull it off, which is a privileged operation.

Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot] and 2 guests