VirtualBox

Opened 5 years ago

Last modified 2 years ago

#18680 new enhancement

Create symbolic links in shared folders without administrator priviledges using new Windows 10 Developer Mode

Reported by: asmala Owned by:
Component: shared folders Version: VirtualBox 6.0.8
Keywords: symlink Cc:
Guest type: Linux Host type: Windows

Description

Starting with Windows 10 Insiders build 14972 symlinks can be created without needing to elevate the console as administrator. The prerequisite is to enable Developer Mode, and after that any user on the machine can

  1. Run the mklink command without elevating a command-line console
  2. Use CreateSymbolicLink API if additional dwFlags option SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE is set to 0x2.

Since even after enabling the Developer Mode VirtualBox has to be run as Administrator in order to create symlinks in shard folders, I assume the method 2 i.e. API calls are used to create them.

My enhancement request: Please add the SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE to the API call when creating symlinks to shared folders under Windows 10 so Administrator priviledges are not required when Developer Mode is enabled.

Change History (1)

comment:1 by algofoogle, 2 years ago

I'd say this is a legitimate issue, and a legitimate request, and one that is probably easily fixed. Fixing it has the benefits that:

  1. existing users of VBox will get unaltered backwards compatibility (i.e. if they're using the old "Run as Administrator" elevation method)
  2. new power users who have explicitly opted in to the Windows 10+ Developer Mode can get this benefit without having to elevate -- while still being safely gated by SharedFoldersEnableSymlinksCreate as is the wise VirtualBox convention.

Your assumption appears correct; the flag is not anywhere in the code from what I can see. Here is where the call to CreateSymbolicLink (actually CreateSymbolicLinkA) is made, in kBuild:

https://www.virtualbox.org/browser/kBuild/trunk/src/kmk/kmkbuiltin/mscfakes.c?rev=3387#L442

This is the only call to CreateSymbolicLinkA and it relies on is_directory which never includes the bit 0x2 (i.e. SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE).

Documentation for this can be found here: https://docs.microsoft.com/en-gb/windows/win32/api/winbase/nf-winbase-createsymboliclinka?redirectedfrom=MSDN#SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE

I expect (but can't verify) that it's safe and reliable and functionally equivalent to always include this bit/flag by default: it should only be observed by Windows if the user has already enabled this in Win10 (otherwise safely returning the same error just as if the bit was not included in the first place)... and it should otherwise be irrelevant and suitably ignored in the "Run as Administrator" case. Older versions of Windows would no doubt safely ignore it too.

Version 0, edited 2 years ago by algofoogle (next)
Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use