Can't drag files from TC to Windows 10 Mail

The behaviour described in the bug report is either by design, or would be far too complex/time-consuming to be changed

Moderators: white, Hacker, petermad, Stefan2

Post Reply
Egorro
Junior Member
Junior Member
Posts: 3
Joined: 2017-03-27, 15:36 UTC

Can't drag files from TC to Windows 10 Mail

Post by *Egorro »

Hi all!
I'm using Total Commander as the main file manager for many years, and since Windows 10 was released use it's Mail app a lot. There is a little issue in Drag-n-drop operations with Total Commander: while composing an email, I can't drag any file as addon inside the Mail window: it just change mouse cursor to 'unavailable' and doesn't allow to do anything with it (.ru instead of *ru, novice restrictions):
Image: f6.s.qip*ru/G1CCNSwp.jpg
http://f6.s.qip.ru/G1CCNSwp.jpg
Doing the same from the Explorer instead of TC allows to add the file to the message:
Image: f4.s.qip*ru/G1CCNSwq.jpg
http://f4.s.qip.ru/G1CCNSwq.jpg
It's not a critical issue but I'd like to ask: is it a known real bug and is there any solution to it?
Will be thankful for any answers, sorry for possibly bad English.
User avatar
sqa_wizard
Power Member
Power Member
Posts: 3854
Joined: 2003-02-06, 11:41 UTC
Location: Germany

Post by *sqa_wizard »

By chance your TC is running as administrator?
#5767 Personal license
Egorro
Junior Member
Junior Member
Posts: 3
Joined: 2017-03-27, 15:36 UTC

Post by *Egorro »

sqa_wizard wrote:By chance your TC is running as administrator?
Yes, it is. I'm not even sure if this a problem with some settings or issues on my PC only or it's the way TC interacting with Win10 Apps, can't check on any other system right now to make sure
User avatar
Stefan2
Power Member
Power Member
Posts: 4133
Joined: 2007-09-13, 22:20 UTC
Location: Europa

UAC Drag- and Drop are messages admin normal limited rights

Post by *Stefan2 »

Egorro wrote:
sqa_wizard wrote:By chance your TC is running as administrator?
Yes, it is. I'm not even sure if this a problem with ...
No, that is the point.... running one program as admin and one as normal user.


I have googled to find a quote in good english words for you:

this is how the UAC works.
Drag- and Drop are messages.
And sending messages from a program with normal rights,
to an application with admin rights can cause security issue.

Do Drag & Drop only work with application with the same rights
(program with Admin rights to program with admin rights
or program with normal rights to program with normal rights ).
https://social.technet.microsoft.com/Forums/windows/en-US/cba0e9b1-25f8-40e5-a888-1435d604f68d/run-as-administrator-prevents-drag-and-drop-working?forum=w7itprosecurity
Don't be confused by the last comment there: "User already has admin rights." User have to have elevated rights (RunAsAdmin) to let it work.


They do not talk here about NTFS permissions, but about a new Vista thingy called "integrity level" as part of the Vista UAC.
With UAC turned on, each program have an IL assign by the UAC system.
A program launched with elevated admin rights have a higher IL than other programs.
And a UAC sub system blocks messages between the different levels, so drag&drop
is not possible from programs running on a lower level to a program on a higher level.
https://blogs.msdn.microsoft.com/patricka/2010/01/28/q-why-doesnt-drag-and-drop-work-when-my-application-is-running-elevated-a-mandatory-integrity-control-and-uipi/
And follow-up > Inside Windows Vista User Account Control.



So this is actually a WindowsTM feature.



And one last thing, to make this post complete:
Running as Administrator on WindowsTM since Vista and newer,
you are an Administrator which have his advanced rights dropped down (technically spoken: from his 'token').
But as Administrator you can get back that rights by launching a program with " Run as Administrator" from context menu,
from the settings on an shortcut LNK, or from console via RunAs command.


 

EDIT
changed "drag&drop is not possible between programs of different levels"
to "drag&drop is not possible from programs running on a lower level to a program on a higher level."


 
Last edited by Stefan2 on 2017-03-28, 09:34 UTC, edited 2 times in total.
Egorro
Junior Member
Junior Member
Posts: 3
Joined: 2017-03-27, 15:36 UTC

Re: UAC Drag- and Drop are messages admin normal limited rig

Post by *Egorro »

Stefan2 wrote:
Egorro wrote:
sqa_wizard wrote:By chance your TC is running as administrator?
Yes, it is. I'm not even sure if this a problem with ...
No, that is the point.... running one program as admin and one as normal user.

I have googled to find a quote in good english words for you:
...
So this is actually a WindowsTM feature.
 
Thank you, that is really the solution: launched Total Commander in normal mode and it allowed me to drag the file to the Mail)) I didn't even think to look in this direction, never seen such restrictions in any other cases (i.e. I still can drag the file from TC^ to normal Word etc).
Thank you again, I will search for some way of launching Win10 apps in admin mode or keep using as is.
User avatar
Horst.Epp
Power Member
Power Member
Posts: 6450
Joined: 2003-02-06, 17:36 UTC
Location: Germany

Re: UAC Drag- and Drop are messages admin normal limited rig

Post by *Horst.Epp »

Egorro wrote:
Stefan2 wrote:
Egorro wrote: Yes, it is. I'm not even sure if this a problem with ...
No, that is the point.... running one program as admin and one as normal user.

I have googled to find a quote in good english words for you:
...
So this is actually a WindowsTM feature.
 
Thank you, that is really the solution: launched Total Commander in normal mode and it allowed me to drag the file to the Mail)) I didn't even think to look in this direction, never seen such restrictions in any other cases (i.e. I still can drag the file from TC^ to normal Word etc).
Thank you again, I will search for some way of launching Win10 apps in admin mode or keep using as is.
There is no need or benefit to run any App or Program in Admin mode
for doing normal work.
The security model of Windows since Vista tries to protect you
from Trojans and Viruses by not allowing communication between low level and high level programs.
Windows 11 Home x64 Version 23H2 (OS Build 22631.3374)
TC 11.03 x64 / x86
Everything 1.5.0.1371a (x64), Everything Toolbar 1.3.2, Listary Pro 6.3.0.69
QAP 11.6.3.2 x64
User avatar
Hacker
Moderator
Moderator
Posts: 13052
Joined: 2003-02-06, 14:56 UTC
Location: Bratislava, Slovakia

Post by *Hacker »

Horst.Epp,
The security model of Windows since Vista tries to protect you
from Trojans and Viruses by not allowing communication between low level and high level programs.
Do you know of any research if it actually works? Some statistics of how many people were not infected thanks the UAC dialog box? Also, does it help in any way against, say, ransomware that would encrypt all my private data (like photos, documents, etc.)?

TIA
Roman
P.S.: Sorry for being OT.
Mal angenommen, du drückst Strg+F, wählst die FTP-Verbindung (mit gespeichertem Passwort), klickst aber nicht auf Verbinden, sondern fällst tot um.
User avatar
HolgerK
Power Member
Power Member
Posts: 5406
Joined: 2006-01-26, 22:15 UTC
Location: Europe, Aachen

Post by *HolgerK »

https://www.avecto.com/resources/reports/microsoft-vulnerabilities-report-2013/key-findings/
The report highlights the following key findings:

- Of the 147 vulnerabilities published by Microsoft in 2013 with a Critical rating, 92% were concluded to be mitigated by removing administrator rights
- 96% of Critical vulnerabilities affecting Windows operating systems could be mitigated by removing admin rights
- 100% of all vulnerabilities affecting Internet Explorer could be mitigated by removing admin rights
- 91% of vulnerabilities affecting Microsoft Office could be by removing admin rights
- 100% of Critical Remote Code Execution vulnerabilities and 80% of Critical Information Disclosure vulnerabilities could be mitigated by removing admin rights
- 60% of all Microsoft vulnerabilities published in 2013 could be mitigated by removing admin rights
Hacker wrote:Also, does it help in any way against, say, ransomware that would encrypt all my private data (like photos, documents, etc.)?
Not really, because this malware does not needs administrative rights to scramble your data (or make use of known exploits to gain higher privileges).
But does any Virus scanner software works better in this scenario?
(may be with some kind of behavior detection...)

The best strategy in this case is an up to date backup of important data (saved on an offline media).
And not to run any software you receive via mail or internet downloads.

So yes: UAC helps. But... only in combination with latest security patches of system and user software and last but not least with brain2.0....

Regards
Holger
User avatar
Hacker
Moderator
Moderator
Posts: 13052
Joined: 2003-02-06, 14:56 UTC
Location: Bratislava, Slovakia

Post by *Hacker »

2HolgerK
Well, what they base their statistics on is not really confidence inspiring:
For this report, a vulnerability is classed as one that could be mitigated by removing admin rights if the sentence "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights" is found within the Executive Summary of the bulletin in which that vulnerability appears.
In other words, we cannot rule out that UAC might help, only god knows.

Still, I'd welcome some real world usage report. I mean, if I run some software, I already decided to trust it. Now I'd have to be either very good at on-the-fly reverse engineering to be able to judge if to allow admin rights or not, or as an alternative I could simply choose to be paranoid by default and click No to every request where it is not completely obvious why I should click Yes. Because, what else can I base my decision on? An executable's name? The details of its digital signature (if it has any)? It's the same situation as with virus scanners asking you to judge the security risk of any given code execution - something nobody can really do with any sufficient confidence.

I wonder if there are any stats, like, yeah, we made some tests, asked users to install 20 programs, among them two malware ones and for the malware ones they chose to click "No" based on this and that, so UAC really helped.

Thanks
Roman
Mal angenommen, du drückst Strg+F, wählst die FTP-Verbindung (mit gespeichertem Passwort), klickst aber nicht auf Verbinden, sondern fällst tot um.
Nepcior
Junior Member
Junior Member
Posts: 7
Joined: 2015-04-09, 20:31 UTC

Re: Can't drag files from TC to Windows 10 Mail

Post by *Nepcior »

Egorro wrote:I can't drag any file as addon inside the Mail window: it just change mouse cursor to 'unavailable' and doesn't allow to do anything with it (.ru instead of *ru, novice restrictions):
Image: f6.s.qip*ru/G1CCNSwp.jpg
I am experiencing similar issue. I can't drag anything outside TC window. In fact I run TC as an administrator, but i changed this setting and it does not help, still does not work. Beside this i was able to use drag'n'drop until now. It just suddenly stop working today. Any ideas what's wrong?

Windows 7 Enterprise x64
TC 9.0a
User avatar
ghisler(Author)
Site Admin
Site Admin
Posts: 48028
Joined: 2003-02-04, 09:46 UTC
Location: Switzerland
Contact:

Post by *ghisler(Author) »

TC is probably still running as administrator. Please check the title bar, does it contain a ^ character? Then it's running as administrator.
Author of Total Commander
https://www.ghisler.com
Nepcior
Junior Member
Junior Member
Posts: 7
Joined: 2015-04-09, 20:31 UTC

Post by *Nepcior »

Hello Author.
No, it has no this character. But if i run TC as an administrator it has no "^" either. I suppose I am starting TC always as a normal user, even if i mark "run this program as an administrator". This is company computer with domain and a lot of special security software and settings avoiding normal users to have elevated priviliges
Anyway I changed the setting and restarted my computer. Drag'n'drop still does not work. It was working before and stop working suddenly. I did not changed anything. But my company could change something.
User avatar
sqa_wizard
Power Member
Power Member
Posts: 3854
Joined: 2003-02-06, 11:41 UTC
Location: Germany

Post by *sqa_wizard »

Nepcior: If you have enabled RubberBandSelection (which is on by default) you have to start the dragging exactly on the filename.
Otherwise it will be selected only and on second try dragging will work.
#5767 Personal license
Nepcior
Junior Member
Junior Member
Posts: 7
Joined: 2015-04-09, 20:31 UTC

Post by *Nepcior »

sqa_wizard, it is not the case. I can start dragging files. I cant drop them outside TC, because cursor changes to "forbidden" and nothing happens. Like on picture below, where i tried to copy a text file to desktop.
Image: http://wot4me.za.pl/wot/tc_no_copy.jpg


Solved!
For the records
Company installed software which caused this issue. After deinstalation of:
McAfee antivirus
Avecto Defendpoint
all works again. My suspicion is that Avecto is here guilty, because it is software which is managing privileges.
Post Reply