If one is belligerent enough then it's easy to create a new application that's sole purpose is to open multiple copies of explorer.exe as quickly as possible and on older OSes, particularly multi-processor you can observe interesting/unhelpful things due to intentionally messing with it. It's also why the the desktop instance of explorer.exe locks up, file explorer, and subsequent attempts to start file explorer (explorer.exe) don't work either. This is also why when things go wrong, which they do, and you wind up with a frozen desktop and multiple instances of explorer.exe, the "fix" is to terminate every one of them and then start just one, which will start the desktop windowing environment. Start another instance of explorer.exe and File Manager opens in the previously started instance which recreated the desktop shell. Start a new task, enter explorer.exe and your desktop shell re-opens. You can see parts of this in operation when you open up Task Manager, find the running explorer.exe process and terminate it - your desktop shell closes. If you are fast enough or have access to a suitable process explorer you can see this happen. The existing explorer.exe then just opens a child window named "File Explorer". For subsequent executions of explorer.exe the initial code checks if explorer.exe is running within the same user session and if it is, then it passes the request to the existing explorer.exe and ends execution. When explorer.exe first starts it becomes the desktop, and the desktop has intentionally been not quite an admin for years now due to security being cobbled and hacked into Windows as an afterthought and the introduction of UAC. I can vaguely get why, but it's still a ridiculous way to implement things. I used that extensively back in the Windows XP days, when every computer I serviced had difficult to remove malware (and the security features of Windows NT foisted on the consumer, with crippled interfaces to configure them on the Home versions, is what facilitated it getting dug in, ordinary scanners couldn't remove it easily)įrom what I know about it all, it's down to the way that Microsoft abused explorer.exe so it became not only the file explorer but also the desktop. ![]() I still had it, but I think it needed some maintenance for later Windows, for it no longer worked as expected. There used to be a program from Russinovich that launched you a shell with System privileges, but it went away pretty much immediately after he started working at MS. That's why simply running explorer with admin privileges doesn't cut it. (and as you say, you don't always want to simply take ownership and replace them). Microsoft also has silly ownership of a lot of files, like the "Trusted Installer" user and there is bullshit in the ACLs of a lot of objects that is annoying to deal with. It's the System account that is comparable to "root" privileges. ![]() ![]() Because the "Administrator" user and group aren't actually the god account on Windows NT.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |