No update NOTIFICATION without administrator privileges

[Amsterdammer]

Hy,

1.) I am surfing with reduced privilegs (WinXP) because of security reasons. OK.
2.) Firefox 1.5.0.x and Thunderbird 1.5.0.x include an automated update mechanism that ensures users are always up to date with the very latest patches because of security reasons. OK.
3.) Only users with full administrator privilegs can install/update software because of security reasons. OK.
4.) I do not get a FF/TB update notification with reduced privileges, menu help>>check for updates is gray. NOT OK. Why? Normally I do not surf with full administrator privileges, but I will be notified as soon as possible when updates are aviable. Then I can change temporary to my administrator account to install the update. The intention of Mozilla's security policy 2.) is broken.

Known issue? bug?

Same in Linux

EDIT: nobody is working on bug#303595

[Dustyakubra]

Subscribe to a mailing list or rss feed or something that announces new Mozilla releases.

[Amsterdammer]

Subscribe to a mailing list or rss feed or something that announces new Mozilla releases.

imho thats now solution: only surfers with admin account get a notification by mozilla's autoupdate-feature? rest of folks must take care by themself? U don't mean that...

perhaps that's ok for FF and TB in networks, but in most cases (stand allone) reduced- and admin-accounts are handled by the same person. Why is "check for upates" gray in the help-menu ? Allow "check for updates" and "notification" in reduced OS accounts, nevertheless installing and updating of software is blocked by OS.

[name already taken]

There is probably a bug on file for this, but I don't know which one it is.
It would be nice to know what is being done about this...

[old FatJohn]

Agreed. A good slice of all online security problems stem from the fact that almost everybody's running as admin.

[Racer]

1. Perhaps the first time you install/run Firefox, it could recognize that you are a superuser/admin and prompt indicating something like "We recommend you run Firefox in restricted user mode, do you wish to do this?" If you choose yes, it would use (or even create???) a non admin user to run Firefox (and modify links to do the same???)

2. It would always check for updates and, if there is an update, attempt to run it. If there is a failure due to lack of authority, it could run firefox update in a separate process via a superuser/admin which would prompt for a password (ala sudo, etc).

[VanillaMozilla]

I'll check into this later, but I think the bug is in Windows. (That's not to say that Fx can't necessarily can't create a workaround.) In recent versions of XP there are only two kinds of accounts: those with too little privilege (can't even view the calendar) and those with too much (i.e., administrative) privilege.

[Amsterdammer]

All Systems
... If you install Firefox on a multi-user system where access privileges are restricted, you must run Firefox as a user with access to that location upon installation so that all initial startup files are generated.

http://kb.mozillazine.org/Installing_Firefox

that is ok, for installing/updating. but why user must have these rights to get an update-notification or to check for updates? imho thats not a windows bug, but a mozilla bug (FF, TB, ...), but i stil havn't found such a bug in bugzilla, so someone who has more experience with bugzilla (i have not) feel free to open a new bug...

Thx

[VanillaMozilla]

Well, in the first place, are we absolutely sure it's necessary to have administrative rights? Second, if it is, it's probably by design. Administrators do not necessarily want users installing or updating software -- especially for computers in a public setting. I recognize the concern, but there's more to be considered.

[old zeniko]

There's already a similar bug: updates under windows as non-administrator user not possible. I'd still file a new bug to allow for manual/automatic update checks for non-admins - with a (hidden) option to disable them for wherever users are never supposed to update themselves (at administered sites, kiosks, etc.). Users "correctly" using Windows (i.e. running a limited account) should be told about updates - with a note that they'll have to log in as Administrator to actually download and apply them.

@VanillaMozilla: This is certainly no Windows specific issue (and you can't really have "too little" privilege anyway - except maybe no access at all).

@Amsterdammer: What you quote actually means that you have to run Firefox once as Administrator so that it can correctly setup the (updated) installation.

[Racer]

The update solution is to make users close Firefox, have to log in as a different (admin) user, run the update, close Firefox again, then log back out and in as the regular user, and start Firefox again?! -- This is completely unacceptable from a usability standpoint.

Even many knowledgable users would just not update due to the hastle this would cause. There should be a built in (very important) way to run a secondary "update" executable as a different (admin) user without having to log out.

[VanillaMozilla]

zeniko,
1. Why don't you file the bug report, since you understand the issues? But note that there is another way to install Fx without an administrative account. I don't know how that affects the issue.

2. The problem with Windows is that you really <i>can</i> have too little privilege for certain necessary activities. As I mentioned, you can't even look at the calendar or set the clock if you don't have an administrative account. Users are also warned that certain types of programs won't run from a nonadministrative account. There may be other problems too. That may be why so many people run from an administrative account. I never used to, but now with recent service packs I am forced to.

[old zeniko]

There should be a built in (very important) way to run a secondary "update" executable as a different (admin) user without having to log out.

That would be even nicer. There seem to have been at least some thoughts to this on BugZilla already.

1. Why don't you file the bug report, since you understand the issues?

Further searching revealed that such a bug has already been filed (and duped twice since): bug 318855.

2. The problem with Windows is that you really <i>can</i> have too little privilege for certain necessary activities.

That's not a problem but a feature all *nix OS had for decades: certain operations should only be performable by administrators. The examples you cite are changing date/time - which are relevant for the PCs security logs and are thus only modifyable by administrators and super users - and running program installers - which write outside a user's data folder. As for the calendar: The Date/Time control panel is not a calendar. And you still shouldn't be forced to run as administrator, even with WinXP SP2. See Aaron Margosis' blog for how to get a safe experience under Windows.

[VanillaMozilla]

If the date is changed without pressing <OK>, as claimed in the "The Date/Time control panel is not a calendar", that would be a (Windows) bug -- but I don't believe it's true. And the <OK> button should be grayed out if it doesn't apply, as in nonadministrative accounts. As for the blog, thanks, maybe I'll reconsider when I get some time to read the considerable fine print.

"...only modifyable by administrators and super users...." That's part of the problem. I used to be a super user on the accounts I use routinely. Now there is no such thing under Win XP.

[Amsterdammer]

The update solution is to make users close Firefox, have to log in as a different (admin) user, run the update, close Firefox again, then log back out and in as the regular user, and start Firefox again?! -- This is completely unacceptable from a usability standpoint.

Thats normal, I have no problem with this, this way u must handle windowsupdate for instance. But u get the windowsupdate-notificaton as restricded user too, and than u can change temporary to admistrator. From FF/TB u do not get a notification as restricted user and u can't even check for updates. That's the bug.