Firefox loops if always run as administrator
Categories
(Firefox :: Launcher Process, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox79 | --- | fixed |
People
(Reporter: drevbw9e7sd1, Assigned: toshi)
Details
Attachments
(1 file)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Steps to reproduce:
My colleague is using NemID authentication with Firefox and it must be run as administrator in order to work. He want to keep Firefox always run as administrator
- Right click on Firefox icon and choose Properties
- Go to Compatibility
- Check "Run this program as administrator"
- Click OK
- Launch Firefox
Actual results:
Firefox keeps looping and asking me to allow or not (the UAC dialog box). If i disable UAC, it will keep looping until you uncheck run as administrator
Expected results:
Launch Firefox as administrator without any problems
|
Reporter | |
Comment 1•5 years ago
|
||
I was able to reproduce on my computer as well
Our computers are running Windows 10 1909
Hi drevbw9e7sd1,
Thanks for reporting this bug.
I'm afraid I'm unable to test this on my end because I don't have NemID autentication credentials, but as a starting point I'll add this ticket to the Toolkit: Startup and Profile. Hopefully someone from their team will be able to offer their insights into this issue.
Could you confirm which Firefox version are you using? Please also test if this is reproducible in the latest Firefox Nightly version: https://nightly.mozilla.org/
Regards,
Virginia
|
||
Comment 4•5 years ago
|
||
Yeah...
Two issues:
- Why does NemID require Admin? That's... scary.
- Regardless, we shouldn't degenerate like this.
|
Assignee | |
Comment 5•5 years ago
|
||
Thanks, Aaron.
I confirmed the repro. The launcher process must handle AppCompatFlags correctly.
|
|
Assignee | |
Comment 6•5 years ago
|
||
If the process was elevated due to AppCompatFlags, we should not
use LaunchUnelevated to launch the browser process because it starts
an infinite loop of process launch.
The fix is to make GetElevationState return a new elevation state
if RUNASADMIN is set in AppCompatFlags. With that state, we use
CreateProcessAsUser to launch the browser process.
|
|
Reporter | |
Comment 7•5 years ago
|
||
It's a higher security autentication system installed on the pc, that's why admin right is needed when you need to login in Firefox. I think it's called employee signature or key file in english
I readed the solution on the official site and solved the problem.
https://www.nets.eu/dk-da/kundeservice/medarbejdersignatur/noeglefil/Pages/firefox-68-udfordringer.aspx
Basically, go to about:config and change browser.launcherProcess.enable value to false
|
|
Assignee | |
Comment 8•5 years ago
|
||
(In reply to drevbw9e7sd1 from comment #7)
It's a higher security autentication system installed on the pc, that's why admin right is needed when you need to login in Firefox. I think it's called employee signature or key file in english
I readed the solution on the official site and solved the problem.
https://www.nets.eu/dk-da/kundeservice/medarbejdersignatur/noeglefil/Pages/firefox-68-udfordringer.aspxBasically, go to about:config and change browser.launcherProcess.enable value to false
Thank you for sharing it. It's unfortunate that NemID requires the browser process to run as admin.
I'd like to suggest another workaround described in our support page, to launch firefox.exe with the command option -no-deelevate, which also allows you to run the process as admin without the launching loop. I think -no-deelevate is slightly safer because the launcher process is a feature that makes firefox safer and more stable. As Aaron mentioned above, running the browser as admin is still scary though.
My patch above is to stop the launching loop. If it's been shipped, you still need the workarounds to run the process as admin. Sorry for inconvenience.
|
||
Comment 10•5 years ago
|
||
| bugherder | ||
Description
•