Running programs without administrator rights with RunWithRestrictedRights

More than once we have probably downloaded a new Windows application without knowing whether it can be trusted. We are not sure it is safe to run, and running it could put the computer and our data at risk.

One of the best options in that case is to run the program in a safe environment using a sandbox tool such as Sandboxie. We can also use a virtual machine to avoid unpleasant surprises. At this point we may also wonder why some applications request administrator permissions to run.

For certain types of applications this is clearly essential, for example a security program or one that manages Windows functions. But others do not need administrator permissions at all. So if we want to force such a program to run without the elevated permissions, we can.

The application discussed below helps with this. It is a free, downloadable program called RunWithRestrictedRights. It is a command-line tool that uses the Windows integrity mechanism to restrict the permissions of other applications. With it we can run suspicious programs so that they cannot damage the computer.

How to use RunWithRestrictedRights on Windows

So if you want to force a program that requests administrator permissions to run without granting them, this application is the solution. As mentioned, it works from the command line, so we type CMD in the Start menu search box and start the Command Prompt with administrator permissions.

It is essential that the Command Prompt is started with administrator rights. Then, after downloading RunWithRestrictedRights to the root of drive C, for example, we type the following command:

C:\RunWithRestrictedRights.exe (application)

The path will of course vary depending on where we saved the program, and in place of “application” we write the app we want to run, such as Notepad or MSPaint. If everything goes as expected, the restricted program opens. At the same time, as the attached screenshot shows, a new message appears in the command-line window.

The message says that the Notepad application has started in Medium Integrity with PID followed by a number. This value, which is represented by four digits, is the ID of the running process. To do the same with an application that is not part of the operating system, we have to enter the full disk path of its executable.

Finally, RunWithRestrictedRights supports some parameters that we can add after the application to run. For example, “-w” starts the program but does not return to the command line until the program is closed. “-p” takes the permissions granted by the Power Users group, while “-d” denies the SID permissions.

How to view the permissions of a process

Do we really know what level of privileges a program has? If we ran it without administrator permissions, it has the same permissions as our user (and if it does not, it is exploiting the system). If we ran it as administrator, it has administrator permissions and greater control over the system.

To check this, open the Windows Task Manager (Control + Shift + Esc) and go to the “Details” tab. It lists every process running in the operating system. The “User name” column shows in detail which privileges each process was started with.
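The integrity level that RunWithRestrictedRights reports can also be read from inside a process. The following PowerShell script is an added example, not part of the original article or of RunWithRestrictedRights; it parses the output of `whoami /groups` for the mandatory label, and `Get-IntegrityLevel` is a hypothetical helper name.

```powershell
# Added example: report the integrity level of the process this script runs in.
# Get-IntegrityLevel is a hypothetical helper name, not part of any tool.

# Well-known mandatory-label SIDs and the integrity level each one denotes.
$IntegrityBySid = @{
    'S-1-16-4096'  = 'Low'
    'S-1-16-8192'  = 'Medium'
    'S-1-16-8448'  = 'Medium Plus'
    'S-1-16-12288' = 'High'
    'S-1-16-16384' = 'System'
}

function Get-IntegrityLevel {
    param(
        # Rows in "whoami /groups /fo csv /nh" layout: name, type, SID, attributes.
        [string[]]$GroupCsv = (whoami /groups /fo csv /nh)
    )
    $rows = $GroupCsv | ConvertFrom-Csv -Header 'Name', 'Type', 'SID', 'Attributes'
    # Match on the SID rather than the name, because group names are localized.
    $label = $rows | Where-Object { $_.SID -like 'S-1-16-*' } | Select-Object -First 1
    if (-not $label) { return 'Unknown (no mandatory label found)' }
    if ($IntegrityBySid.ContainsKey($label.SID)) { return $IntegrityBySid[$label.SID] }
    return "Unrecognized label $($label.SID)"
}

# Constructed sample rows (not captured from a real machine), parsed offline.
$sample = @(
    '"BUILTIN\Users","Alias","S-1-5-32-545","Mandatory group, Enabled by default, Enabled group"'
    '"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192",""'
)
"Sample token : $(Get-IntegrityLevel -GroupCsv $sample)"

# Live check of the current process, plus whether the administrator role is active.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin = ([Security.Principal.WindowsPrincipal]::new($identity)).IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)
"This process : $(Get-IntegrityLevel) (administrator role active: $isAdmin)"
```

Run it once from an elevated prompt and once from a PowerShell window started through RunWithRestrictedRights to compare the two results.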

Problems running programs without admin permissions

It is true that many programs request administrator permissions for convenience and could run without them. It is equally true that some programs use these administrator permissions because they are hiding something, usually malware.

If a program really needs administrator permissions, it will not be able to run once we remove them with the tool described above. Nor will we be able to use it from a standard user account that has not been granted the necessary permissions. Most often, without the permissions the program will not even start. But it can also happen that it starts and then throws all kinds of errors while loading or while we use it.

But running into these problems does not mean that we have to run everything with administrator permissions. Any program with that level of privileges can do a great many things on our PC, including infecting it or making it totally unusable. Ideally, to work safely, we always run programs without administrator permissions, and grant them only if the program really needs them and explains why.

SYSTEM: the Windows 10 super-administrator

Remember that there is another level of permissions above that of the administrator: SYSTEM. This level gives programs full control over the entire system. It is the only one that can, for example, modify Windows' own files and make critical changes and settings for the system.

Windows opens some programs (such as regedit) with these permissions by default so that they can work. But it always closes them as soon as we are done with them. Otherwise, we would be in danger. A virus, for example, with super-administrator permissions could have catastrophic effects on our PC.

Opening programs with SYSTEM permissions is normally not recommended because of the risks discussed above. Windows itself does not even provide an easy way to do it. Despite this, there are programs, such as PowerRun, that allow us to do so.
