Opened 5 years ago

Closed 4 years ago

Last modified 4 years ago

#12678 closed defect (fixed)

Installing unsigned bundle of the Tor Browser on Windows 8 require admin. privileges

Reported by: lunar Owned by: erinn
Priority: Medium Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords: needs-triage
Cc: mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

<phobos> the requirement for admin privs is bad
<phobos> lots of places don't allow that

Child Tickets

Change History (14)

comment:1 Changed 5 years ago by mcs

Cc: mcs added

comment:2 Changed 5 years ago by lunar

<sherief> I created a normal user on win7 and I can bypass the unsigned software warning without admin privs. it's probably a corporate policy.
<gamembel> so, i read that if an executable contains "update", "setup" or "install" in the name, windows will ask for admin privileges. wtf
<phobos> interestingly, they can plug in a usb drive, and unzip the tbb zip file i made to their downloads folder and then run tbb

comment:3 Changed 5 years ago by gk

How can I reproduce this problem? I've never seen this issue when testing on my Windows boxes.

comment:4 Changed 5 years ago by Sherief

I vote on closing this. We can't help employees breaking corporate policy. If I get such requests at the help desk I advise using tails.

comment:5 Changed 5 years ago by erinn

Keywords: needs-triage added

comment:6 Changed 5 years ago by ericlaw

On Windows8 and later, OS-wide SmartScreen means you must have admin permissions to run "unknown" software. Because Tor isn't properly authenticode-signed, ever new build is blocked from install for a few days.

http://blogs.msdn.com/b/ieinternals/archive/2011/03/22/authenticode-code-signing-for-developers-for-file-downloads-building-smartscreen-application-reputation.aspx

comment:7 Changed 5 years ago by erinn

Hi ericlaw, thanks for the link!

We're working with Digicert about this right now and hope to have it done soon. It's a bit more complicated than normal because of our build environment & reproducible builds (plus the team being distributed), but we're making progress. I hope to have a more meaty update for your soon.

comment:8 Changed 4 years ago by cypherpunks

Resolution: fixed
Status: newclosed

Tested the latest TorBrowser installer, no UAC or any notifications if to launch it from local disk. No admin privs need either. If to launch signed or unsigned executable file from external media then security warning appears, but it not tries to escalate your privs.
Closing as fixed.

comment:9 Changed 4 years ago by ericlaw

THIS IS NOT FIXED. TBB 4.0.8 is not yet signed.

You didn't get any warnings because you're running a modern version of Windows that uses SmartScreen to check the file hash against known hashes.

If TBB 4.0.9 ships this way, it too will be blocked until SmartScreen recognizes the new file.

comment:10 Changed 4 years ago by ericlaw

Resolution: fixed
Status: closedreopened

comment:11 Changed 4 years ago by WithinRafael

Can confirm torbrowser-install-4.0.8_en-US.exe is not signed. I suggest that tests for bug closure include looking at the actual binary and not be based solely on observational data.

comment:12 Changed 4 years ago by gk

Resolution: fixed
Status: reopenedclosed

The bug is fixed. 4.5a5 is signed and 4.5, the new stable, will be released next week and signed, too.

comment:13 Changed 4 years ago by cypherpunks

THIS IS NOT FIXED. TBB 4.0.8 is not yet signed.
I suggest that tests for bug closure include looking at the actual binary and not be based solely on observational data.

OK folks, tried to test wrong stuff. So it was about WIN8 where you can't to install unsigned software without admin privs.

comment:14 Changed 4 years ago by cypherpunks

Summary: Installing the Tor Browser on Windows should not require admin. privilegesInstalling unsigned bundle of the Tor Browser on Windows 8 require admin. privileges
Note: See TracTickets for help on using tickets.