问题
I recently posted a question to SO regarding an issue with writing to file in C++. In one of the comments, I mentioned that I was running in administrator mode. A later comment stated:
Running self-written, untested software in admin mode is a bad idea. Don't ever do that.
This got me wondering, why is this? What are the ramifications? I've experienced situations where a project would not load -- unless in Administrator mode. Does this apply to machines that are not yours (such as work machines), or to all machines, every time?
回答1:
The idea of having a seperate administrator mode, which must be consciously enabled, is to have software running with the minimum amount of permissions necessary to do the job. Faulty, or malicious software will therefore (hopefully) not be able to damage / compromise your system.
Now.
Untested software may contain bugs.
No, belay that.
Untested software will contain bugs.
This could result in files being overwritten, settings being changed, all kinds of things.
It's one thing to loose a file "test.txt". It's another thing to have a faulty regular expression wipe out half your registry, or a mistyped file path end up in system libraries (or your 90%-finished master thesis...) being overwritten.
Run your software -- any software, actually -- with the minimum set of permissions possible to still do its job.
回答2:
Its very easy to add a post build action to vs project that will install and run some dangerous program, e.g trojan. Just by downloading the solution from source control and building it with admin priviledges you open door to all threats out there.
来源:https://stackoverflow.com/questions/35130600/why-is-running-self-written-untested-code-in-administrator-mode-a-bad-idea