当サイトはユーザー体験を改善するためのメンテナンスを実施中に機能が制限される予定です。記事を読んでもあなたの問題が解決せず質問をしたい場合は、Twitter の @FirefoxSupport、Reddit の /r/firefox で、サポートコミュニティが皆さんを助けようと待機しています。

Avatar for Username

Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

What are the security risks of lauching -no-deelevate option as suggested in this Article (link)

  • 1 件の返信
  • 1 人がこの問題に困っています
  • 13 回表示
  • 最後の返信者: cor-el

ccrc28
ccrc28
more options

About this article: https://support.mozilla.org/en-US/kb/windows-administrator-launcher-process-error-fix#w_how-to-verify-the-problem

In order to solve the drag and drop issue under win7, article above suggests "Start Firefox Using the -no-deelevate command" but doesn't clarify what would be the risks on doing it.

I mean, the security risk is only mentioned in the next suggestion "partial workaround", saying it would be rather than lower security by using -no-deelevate instead, but also gives no information about what risks would be.

So I would like to know:

1) If I decide to use -no-deelevate option, what sort of risks I'm taking?

2) To a no fool internet user, is it worthy to take?

This is relevant for me cuz re-enable UAC makes user have to confirm dialog box to everything at all in Windows despite logged as full right administrator.

Nor less annoying are the other option "copy and paste" "save as", putting me under ridiculous situation of needy to use Opera browser only to be able of drag IMDB links and images into a folder, then backing to Firefox for everything else.

You can drag an image even to a folder in an USB external drive (OMG-WTF)

Thanks you all.

About this article: [http://example.com https://support.mozilla.org/en-US/kb/windows-administrator-launcher-process-error-fix#w_how-to-verify-the-problem ] In order to solve the drag and drop issue under win7, article above suggests "Start Firefox Using the -no-deelevate command" but doesn't clarify what would be the risks on doing it. I mean, the security risk is only mentioned in the next suggestion "partial workaround", saying it would be rather than lower security by using -no-deelevate instead, but also gives no information about what risks would be. So I would like to know: '''1) If I decide to use -no-deelevate option, what sort of risks I'm taking? ''' '''2) To a no fool internet user, is it worthy to take? ''' This is relevant for me cuz re-enable UAC makes user have to confirm dialog box to everything at all in Windows despite logged as full right administrator. Nor less annoying are the other option "copy and paste" "save as", putting me under ridiculous situation of needy to use Opera browser only to be able of drag IMDB links and images into a folder, then backing to Firefox for everything else. You can drag an image even to a folder in an USB external drive (OMG-WTF) Thanks you all.

この投稿は ccrc28 により に変更されました

すべての返信 (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

So you think that disabling UAC is a lower risk than running Firefox with lower integrity by using -no-deelevate and the former is acceptable (i.e. you do not worry), but you worry about Firefox?

It is up to you to decide how much effort is acceptable for your security, we can't advise you in this matter apart from suggesting to enable UAC or accept its limitations.

On Windows it is already easier to bypass security and you only need to confirm a UAC alert. If you disable UAC then not much security safety is left. On a platform like Linux you need to enter the administrator (root) password each time you need write permission for saving a file to a restricted location. Adequate security comes with a cost and you need to accept extra effort or else this has not much meaning if you bypass these measures.