VirtualBox

Ticket #18680 (new enhancement)

Opened 4 years ago

Last modified 8 months ago

Create symbolic links in shared folders without administrator priviledges using new Windows 10 Developer Mode

Reported by: asmala Owned by:
Component: shared folders Version: VirtualBox 6.0.8
Keywords: symlink Cc:
Guest type: Linux Host type: Windows

Description

Starting with  Windows 10 Insiders build 14972 symlinks can be created without needing to elevate the console as administrator. The prerequisite is to enable Developer Mode, and after that any user on the machine can

  1. Run the mklink command without elevating a command-line console
  2. Use CreateSymbolicLink API if additional dwFlags option SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE is set to 0x2.

Since even after enabling the Developer Mode VirtualBox has to be run as Administrator in order to create symlinks in shard folders, I assume the method 2 i.e. API calls are used to create them.

My enhancement request: Please add the SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE to the API call when creating symlinks to shared folders under Windows 10 so Administrator priviledges are not required when Developer Mode is enabled.

Change History

comment:1 Changed 8 months ago by algofoogle

I'd say this is a legitimate issue, and a legitimate request, and one that is probably easily fixed. Fixing it has the benefits that:

  1. existing users of VBox will get unaltered backwards compatibility (i.e. if they're using the old "Run as Administrator" elevation method)
  2. new power users who have explicitly opted in to the Windows 10+  Developer Mode can get this benefit without having to elevate -- while still being safely gated by SharedFoldersEnableSymlinksCreate as is the wise VirtualBox convention.

Your assumption appears correct; the flag is not anywhere in the code from what I can see. Here is where the call to CreateSymbolicLink (actually CreateSymbolicLinkA) is made, in kBuild:

https://www.virtualbox.org/browser/kBuild/trunk/src/kmk/kmkbuiltin/mscfakes.c?rev=3387#L442

This is the only call to CreateSymbolicLinkA and it relies on is_directory which never includes the bit 0x2 (i.e. SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE).

Documentation for this can be found here:  https://docs.microsoft.com/en-gb/windows/win32/api/winbase/nf-winbase-createsymboliclinka?redirectedfrom=MSDN#SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE

I originally expected that we could just add SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE unconditionally and it would either be safely ignored, or safely used, depending on the Windows version and state of "Developer Mode" but instead older versions of Windows might react to this as an invalid parameter. See  Eryk Sun's comment on this.

Last edited 8 months ago by algofoogle (previous) (diff)
Note: See TracTickets for help on using tickets.

www.oracle.com
ContactPrivacy policyTerms of Use