KSP running as Admin

[M3tal_Warrior]

OS: Windows

It doesn't matter if modded or not - the launcher will always start KSP as privileged user ('admin-mode'). I do get it when the updater requires them (which it does for writing to system introduced program paths), but there's no use in those privileges while gaming, apart from maybe writing the save files/logs to the program folder, which isn't what the program folder is for anyway. The whole purpose of the UAC is to secure the system, running everything as admin is Win9x style and puts the system at risk (at least with the possibility of modded installs). Additional thought: Responsible parents won't give their offspring admin users, but will want them to be able to play KSP. Of course one can always link to the binary itself, but then the launcher is useless.

Since it circumvents a major security system of Windows I'd consider it a bug, and most certainly not a feature. I vote for a change, moving processing data (logs, saves) to the user folder where they belong for 14 years now and starting KSP as regular user like every other program (it works, I do it all the time, with the x64 version and not more or less crashes than the other way round).

[AlexanderB]

....or just drop the KSP folder somewhere with user rights (like the desktop).

I like the fact that KSP is standalone, and doesn't paste its files all over the computer in all sorts of seperate folders (*cough* hidden ProgramData, or in hidden folders under the User folder) And as long as you *don't* put it in Program Files, it'll not need admin rights to run.

[vexx32]

Actually, Windows tends to restrict programs' access rights that're on the Desktop.

Ideal location is, generally, the drive root (e.g., C:\KSP_win).

[M3tal_Warrior]

Both of you don't get the point: I already have the program outside the system restricted folders (to be clear: E:\Spiele\KSP\*), because I have a very small system drive. That doesn't bother the launcher, which is still launching KSP in privileged mode and THIS is what I'm all about.

The launcher shouldn't do this, because it's circumventing a (if not THE) major Windows security system, rendering it totally useless. That is the bug, not me needing some crude help how to install a program after administrating the OS for over a decade.

Privileged mode is to install drivers and programs and generally being able to change the system (despite not being as mighty as root). KSP doesn't need to change anything, it doesn't install stuff, isn't communicating with the hardware directly and does not write to HKEY_LM or other users keys. Simple stuff: Give it the rights it needs, as little as possible, as much as necessary. Basic system security directive.

By the way: The drive root isn't the ideal location - the ideal one is the Programs folder (i.e. one of them, depending on architecture), because that's why it's here in the first place. Microsoft is finally attempting to bring order to chaos, something the *NIX community did from the very beginning with FHS.

Edited August 31, 2014 by M3tal_Warrior

[Ruedii]

Try changing the user that owns the KSP install. That way the launcher won't need administrative privileges.

Also make sure that the "run as administrator" flag isn't set on any of the binaries (Launcher or the main binary.)

Obviously, if the launcher is set to run as administrator, because your install is administrator, any child program of the launcher will be run as administrator as well.

[Roadkill]

The OP brings up a good point in that I don't want mods having any type of admin privileges on my pc. My install looks like this-> c:\ksp_win. I then create a shortcut on my desktop that opens ksp.exe. I never use the launcher mainly because it didn't really work early on and I don't see any need for it now. Anyway, my question is, by running the game in this fashion, am I opening myself up to attack by a rogue modder? Given some of the recent activity by a few modders, I think this is a valid concern.

[KasperVld]

Can you please post a feature request on the bugtracker about this? bugs.kerbalspaceprogram.com/projects/ksp/issues

I doubt it's a high priority fix though, if you want to avoid the privileged mode I suggest you start the game without the launcher, but use KSP.exe instead.

[Ruedii]

Yes, it would be nice for the launcher not to require running as administrator other than to "fix permissions."

There should be a fix permission routine to deal with this, which will automatically be run (prompting for administrator authority to do so) if it runs into permissions issues.

This routine should do the following:

1. Change the Saves directory structure to be writable by all non-guest users.

2. Change the main settings file to be writable by all non-guest users.

3. Change the entire KSP directory tree to be owned by the current user.

4. Change the entire KSP directory tree to allow deletion and overwrite by the current user.

5. Change all directories (not files) in the KSP directory tree to be writable by the current user.

This should allow the update routine to function without administrator permission, as well as allow all game functions to run without administrator permission.

For the sake of allowing flexibility, especially with mods which use settings files stored in .\GameData, write access should not be taken away during this process, only given.

[Padishar]

Anyway, my question is, by running the game in this fashion, am I opening myself up to attack by a rogue modder? Given some of the recent activity by a few modders, I think this is a valid concern.

If you haven't explicitly set the "Run as administrator" option on the shortcut then you are no less secure than anyone else that installs mods. If you are that worried about a mod doing something unpleasant then download the source, thoroughly vet it for anything iffy and then compile it yourself once you are happy (or get someone that you do trust to do it for you).

P.S. I suspect the "few modders" to whom you refer would be more than a little insulted by your implication. To my knowledge, no modders have done anything that could be described as malicious and the one case of ill-considered auto-installation is unlikely to ever be exploited by a hacker as it would require some rather involved shenanigans that could also be used to compromise any other non-https web download mechanism that doesn't cryptographically verify the downloaded data.