The real answer?
“We once gave you commoners this power and you used it to fuck your computer up and then blamed us for it, so we learned you can’t be trusted with this power. We hid it behind a kind of skill test, and you’re failing that test.”
Good luck with opening the subdirectories of
C:\WindowsApps\
. I ran Explorer as admin, gave myself R/W permissions, even recursively changed ownership of everything, followed all the online guides… Still denied access.Those’re probably containerised.
Sandboxed rather than containerised I think.
If you make a bootable linux usb drive you can do whatever you want with all windows stupid files without even having to install linux.
U can use proccess hacker to lauch for example total commander with SYSTEM privileges it’s highest possible privilege in windows.
it’s highest
its*
hightesthighestHighest*
Whoops! Thanks. Corrected.
@ChaoticNeutralCzech
Tried knoppix?
@Reddfugee42 @programmerhumor
I prefer the answer of giving the giy the reins and letting him get it so riddled with viruses then when he calls for support replying “sorry, your property your problem. You have absolute dominion over it and thus we give no warranty as we have no responsibility.”
Microsoft gives no warranty and assumes no responsibility as it is.
Why can’t I delete System32? It’s taking up space.
Where are the other 31 systems??
Reminds me of the “chmod 777” crowd at work. Goddamn it.
😂👌 this
Andrew is not very smart. Windows isn’t very good, but he is very clueless. There are legitimate things to complain about, but Andrew just complains.
Andrew doesn’t know how file system permissions work. He complains that computers demand he keeps up, but these ACLs have been a thing since Windows XP (for consumers, much longer for older NT versions) so clearly the 14 years he had to catch up weren’t enough.
I’m not sure why he brought up moving to 64 bit (guess he came from XP, perhaps?), I don’t think thats relevant to anything here.
He doesn’t seem to know what an administrator account is (so his normal account probably is an administrator account) and rants something about “owners” as if that means anything to a computer.
He also concludes that this needs to be done for every file (it doesn’t) and then gets mad about that.
Fixing ACLs sucks, it takes forever and the UI isn’t very good for novices, but this guy’s anger seems to be misdirected towards his own misunderstandings about how Windows works and has worked for over a decade at the point he came to the forums.
None of this is because of “changes”, if anything his problem is exacerbated by the fact Windows still has the Win2000 permissions dialog on ACLs to this day.
Windows permissions can be tricky… I’ll give them that. A lot of the tools Microsoft provides are not very straightforward.
However, PowerShell and tools from Sysinternals suite, or open source tools as well, make it a lot easier.
Managing permissions on Linux, especially if doing the ACL thing, can be complicated too. I’ve really never ran into many permission issues myself. psexec has been helpful too when needing to access things as the SYSTEM user and not get those stupid prompts asking me to change permissions for protected folders.
Having used secured SELinux enterprise code, I’ve learned that Linux permissions can be even more complicated than Windows’ when multiple permission models suddenly overlap. There’s an endless supply of special bit flags, security contexts, and sandboxing features that all overlap.
I’ve run into very complicated Linux permission issues when combining SELinux (properly configured, not just neutered and standby) and system services in some specific configuration. Once you start applying the permission systems that Windows comes with by default in Linux, you get the same problems (or worse ones, as Linux has a multitude of permission systems stacked on top of each other).
On Windows, I recall one particularly messed up drive from another computer that not even NT_AURHORITY\SYSTEM was allowed to alter the ownership of. Luckily Linux happily stripped out all the permissions for me because Linux can plainly ignores ACL if you’re root and provide the right flags. Probably a terrible way to break ACLs in a managed environment, but this time it was a feature!
Omg, it’s an inside-joke at our company now.
Anytime something happens on a server that’s been running great for years, like a hard drive going bad or the time one literally caught on fire…
98% of the time it is selinux that is the reason it is doing weird things after the main fix because selinux changed a setting on the reboot.
“Have you checked selinux?” is the go to question whenever anything breaks now, even if it’s not a computer.
We tend to forget about it these days, but the Unix permissions model was criticized for decades for being overly simplistic. One user having absolute authority, with limited ways to delegate specific authority to other users, is not a good model for multi-user operating systems. At least not in environments with more than a few users.
A well-configured sudo or SELinux can overcome this, which is one reason we don’t bring it up much anymore. We also changed the whole model, where most people have individual PCs, and developers are often in their own little VM environment on a larger server.
I agree with the critics, the Unix permission model is too basic. I’ve run into this myself doing the very difficult operation of “reusing an ext4 USB drive on another computer” because all the files were suddenly owned by a user that didn’t even exist on my laptop.
NTFS fixed this issue by having the OS generate user IDs across systems rather than reusing the same IDs and making the administrators match everything up. I don’t think selinux can fix that, though.
I welcome the extensions bringing Linux’ permission model to the 21st century, but the way they’ve all been implemented independently does cause some weird edge cases that clearly nobody has tested.
I think Andrew might be a lawyer.
My roommate for a couple years in college was pre-law, and did some internships after graduation but before gaining his own law degree. He mentioned at one point how absolutely and hilariously pervasive it was at the firm he was working for attorneys to just run screaming to IT every single time literally anything was even the slightest bit inconvenient or obtuse (to their understanding). Part of it was the logic of “I bill clients at $800/hr, I am not spending my time to resolve whatever this hiccup is”, but part of it was absolutely also some bullshit power dynamics.
Worked in IT for over a decade, lawyers are the fucking. worst.
I see your lawyers and I raise you doctors…
I was working with a doc on an IT problem a few months ago… It was a mildy terrifying experience, I would never want someone so ignorant as my doctor.
I don’t know, I don’t think I want the best IT person in the world performing an appendectomy.
Just because you’re an expert in one field doesn’t mean you’re an expert in every field.
I don’t think I want the best IT person in the world performing an appendectomy.
“Okay so let’s start with the simplest thing by performing a power cycle and seeing if that fixes it…CLEAR!”
I was married to a lawyer for years. They have to bill somewhere from 1700-2200 hours a year to stay on partner track. And they can’t bill every hour that they’re working (although they can double up sometimes by using the minimum 2/10ths of an hour). My sympathy is with the lawyer. It’s not a power dynamic, it’s how the firm makes money and what you’re there to do.
Yeah, because being a raging asshole to your coworkers is justified as long as it helps you “stay on partner track.”
Abusive people always find justifications for it.
“Look guys, their industry makes their boss abusive to them which makes them abusive to their staff, so it’s just how it is because money…”
This is like "Well my drunk granddad had anger issues after the war so he beat my dad who beat me something fierce and I turned out fine " of the professional world.
Some people think enough money or status is worth disrespecting other human beings who are just trying to do their already shitty enough job, and that’s concerning.
I.T has to hit their “ticket targets” to stay on the “lights come on when they flip the switch at home” track, it’s how they make their money and what they’re paid to do.
Playing coddling psychologist for grown adults who could pass a bar exam but can’t handle basic respect doesn’t make things any easier lol.
To any of those types reading this:
Stressed or not, it’s amazing how fast things move when you work with IT as teammates instead of underlings, using your level brain instead of your emotionally unstable mouth.
Because their continued employment depends on them hitting their targets so they need support staff to do their jobs.
Yup, there’s the justification right on time. They had to abandon basic civility and professionalism to “hit their targets.”
Thats why they can be abusive, ignore the company process for tickets, threaten their coworkers, whatever they want. They need to “stay on parnet track” and “hit their targets.” No one else has any stressors or requirements at their workplace, just the lawyers.
Nevermind that the “support staff” make sure lots of people, processes and services work, and may individually be more important to “hitting targets” for the company as a whole than any individual lawyer.
How about the lawyers “do their job” by interacting with their coworkers professionally? By submitting tickets correctly and in a timely manner?
Abusing your coworkers is never justified.
edit: nix this.
they never justified anything.
they explained.
explained why they were raging assholes or whatever.
but didn’t justify.
But being rude and abusive to support staff doesn’t help, encourage, or even compel the support staff do their jobs any better or faster. In fact, I’d wager it’s rather the opposite.
I work in IT (not IT support, though) and I’m fortunate enough that none of my business partners are outright abusive. Even so, I still have some that I deprioritize compared to others because working with them is a pain (things like asking for project proposals to solve X problem and never having money to fund them). If someone was actively rude to me when I had fucked up, much less when I was doing a great job, I can guarantee I wouldn’t work any better or faster when it was for them.
Yeah like, complain about the one thing MS is finally improving in recent years, clamping down on non-admin users and non-admin permissions.
Andrew is ignorant. He could learn the basics of computer literacy, which would answer all his questions, but I’ll take a shot in the dark and say that Andrew doesn’t want to do that and is perfectly happy being ignorant. And also angry.
He doesn’t exactly come across as happy…
True, his message doesn’t exactly radiate happiness, but I can assure you he felt SO much better after writing this. Tech support also doubles as everyone’s personal therapist, you see.
Never listen to anyone who is perfectly satisfied with being angry at everything.
Words to live by.
“I shouldn’t have to use permissions or sudo, just all root all the time”
“Real Men Run As Root”
I don’t run as root because I’ve always been told I shouldn’t. I don’t know enough about anything to be contradicting stuff like this. It has always seemed weird to me that we don’t run as root and then just sudo everything, though.
What is the reason we don’t run as root?
What is the reason we don’t run as root?
We are human and make mistakes. Not running as root means the computer will ask us to confirm when we are about to do something major (like a software update, or formatting a partition). This reduces the chance of making big mistakes. (But I don’t see why VLC shouldn’t be able to run as root, if the user so desires.)
(But I don’t see why VLC shouldn’t be able to run as root, if the user so desires.)
You don’t run VLC as root because you don’t especially trust that build of VLC
We don’t run random stuff as root because it’s a stupid risk. We try to only take necessary risks. Risks that make things easier. Running random programs as root gains you nothing and causes annoyance in that you need to fix permissions on its configuration files if you want to run out as a user
There is nothing stopping you though if you want to set up a Linux machine where you log in as root, run a desktop environment as root, run apps as root. You’re unlikely to be taking an unreasonable risk as a home user.
Because you might accidentally do something which breaks the system, or you might run a program which does something malicious without your knowledge.
By gating dangerous (or protected for any other reason) commands behind sudo, you create a barrier which is difficult to accidentally cross
A big part of it comes from the security model and Linux historically being a multi-user environment.
root
owns the root directly/
which is where all of the system files live. A normal user just has access to their own home directory/home/username
and read-only access to things the normal user needs like the/bin
where programs are stored (hence/bin/bash
in lots of bash scripts, it tells the script what program to run the script from)Because of this model, a normal user can only mess up their own files, while root can mess up everyone’s files and of course make the system non-bootablem. But also you can have user Bob signed in and doing stuff but unable to access user Alice’s files, and user Alice can be doing stuff and even running the same programs that user Bob is running (since it’s read only there’s no conflict) and then the administrator can log in as
root
to install something because they got a ticket to install suchandsuch for soandso.Back to your point with
sudo
,sudo
is Super User Do, so you are running a single command asroot
. By running it as root you can potentially be messing up with Alice and Bob might be doing, and most importantly whatever you are running withsudo
can potentially affect any file on the computer. So if you run the classicrm -rf /
it will delete every file that the user has write access to, so if bob runs it it’ll delete all of/home/bob/
but Alice will be unaffected, and the admin can still log in asroot
to do stuff. But if you run it asroot
you’ll quickly find the server unable to boot and both Alice and Bob will be very upset that they can’t access the server or their filesIf you host a website you’ll generally take advantage of this by giving the
www
folder read-only access so that web users can only see webpages and can’t start reading random system files, or for server software you can create a dedicated user to run that server software as, so if someone were to somehow exploit a vulnerability and gain access to that server user they can only mess up the software and no system filesYou’re not supposed to “sudo everything” though. It’s mostly for changing the system configuration (editing config files in /etc/, running your system package manager etc.). It shouldn’t be a “oh, I got a permission error, better sudo the same command again olol”
In defense of Andrew, until windows 10 never had I ever installed a program that made it’s own files untouchable unless you did some real fuckery with permissions.
As soon as they introduced that little warning screen in program files it was clear shit was going downhill for power users.
I discovered basic versions of windows are even more restrictive when I was unable to install my favorite lightweight pdf reader in a friend’s laptop because Windows home just said that for my safety I wasn’t allowed. With no option to bypass this limitation being hinted at.
Ended up installing it anyways but had to run the installer from an admin terminal (luckily it was windows 7 so it was a local account with admin rights instead of a bullshit Microsoft one)
that made it’s own files untouchable
that made its* own files untouchable
I make that same mistake enough that at this point I figure I’m just contributing to the paradigm shift of modern english grammar.
Making the oxford comma mandatory is my next big target.
Andrew complains, Microsoft makes a root mode so Andrew can have his way. Andrew breaks his computer the next second by deleting a system file and proceeds to call Microsoft support. :)
Most of the annoying stuff that Linux users hate about Windows are because Windows has to cater to even the least technologically knowledgeable users.
It is why Windows updates are forced, why so many files are locked behind SYSTEM user and can’t easily be circumvented, why some settings are registry or Group Policy only, why some settings are opt out, …
Without those, their support center would blow up.
So if Linux wants to become mainstream, it will have to cater to those users as well. And Linux will slowly turn into Windows.
Most of the annoying stuff that Linux users hate about Windows are because Windows has to cater to even the least technologically knowledgeable users.
Isn’t that the whole idea of GNOME? Always considering users as stupid and lowering the bar?
I won’t stand any gnome slander, get out
And Linux will slowly turn into Windows.
Some distros maybe, but I’d say that instead we’d quickly have another golden era of malware.
HE SHOULDN’T HAVE TO LOG IN AS ROOT. IT’S HIS COMPUTER!!!
The long reply on how to change file ownership when it could just be
chown -R andrew /pictures
chown
won’t alter the ACLs set bysetfacl
(which is much closer to the permission model Windows follows).On Windows, you can use
takeown /f "path" /r
to recursively set the owner on a directory. Powershell can do more fine-grained control if necessary.The problem with this and your proposed Linux solution is that most normal users don’t know any command line tools and just want a button to access their files. Windows does have this, but it doesn’t always work reliably. On Linux it depends on the file manager, but I don’t think any of them support setfacl-style permissions.
In which case you could also go right-click -> properties -> security -> advanced -> click change where it lists the owner.
It’s not as quick but hey, mouse-driven UI exists.
I think I had this guy’s exact issue and maybe even stumbled upon his comment in that Microsoft support forum thread. It looks very familiar, but I could have just seen the meme before.
My problem was that I needed to do this for 100+ files, so using the UI individually for each file was out of the question. The eventual solution I found was in this tutorial for adding a context menu entry that changes folder/file ownership recursively. It’s been very useful!
That’s exactly what the guy in the opening post was told to do, and at least to him that’s a big problem.
The fact that Andrew might have to run this at all means Windows has fucked up. He should not need to learn about this to use his files. Obviously he shouldn’t have permissions to system files but that’s clearly not what he actually wants.
Windows defaults to giving a user access to common folders like a desktop, pictures, etc. Most never need anymore access to internal folders.
The fact that Andrew has the permissions settings open enough to discover “owner” but doesnt understand what any of it is means and instead launched a “don’t tread on me” screed about his “dominion of all things mine” implies that he fucked up, not Microsoft.
How did his user account lose permissions to a folder of pictures?
He didn’t “discover owner” by opening any permission settings. He is simply asserting that he is the owner of the pictures he took, in a non-technical sense.
He doesnt talk about pictures at all. That was someone elses supposition.
It’s not clear from the snippet of text what the issue is, but it sure looks like he opened up the folder ACLs and found that his account wasn’t “Owner” for some folder/files, and now hes mad that he is being made to elevate his own account for that folder, because “He is the OWNER!” of the files in a property rights context.
Ah, ACLs, had the pleasure of working with these again last weeks.
It gets really curious when even the Arch wiki doesn’t really know what’s going on (talking about mask and effective permissions):
The factual accuracy of this article or section is disputed.
Reason: The original note about the --mask option (which was taken from setfacl(1)) was determined as inaccurate, but the new note does not seem correct either. See the talk page for details.
From trying, I can confirm that the info presented further down is wrong.
Once you read what it actually does and why it’s the way it is, it makes more sense - not that I remember it now - but at least there was a coherent design decision behind it
Yeah, that guy’s issue isnt a matter of “Microsoft has control over my PC!!!”; more like “I’ve been using a computer for years and never actually looked at how things work under the surface”.
Simple permissions error, happens in Linux all the time as well.
Right?
This reeks of inexperience.
We lock things down because a malicious program can easily be “owned” by the user through stupid choices. And now you got viruses.
This is a way to stupid proof things. And the workaround isnt difficult, but it’s to stop people like Andrew. And so far, success.
Why are you assuming so much about Andrew?
What are these workarounds? And why are they workarounds and not standard procedures?
My man just reinvented free software.
Eh? On Linux you also aren’t supposed to log in as root, and you also have to individually set file permissions.
This issue is unrelated to windows, it’s a safety feature that all modern desktop OSes have
It’s quite common to login as admin on windows though (in home setups), you’ll still have to authenticate for administrative tasks (the UAC popups).
The issue here is mostly that the user has probably upgraded and windows changed their account, resulting in the files being owned by their old account.
In linux, that’s fixable with ‘sudo chmod -R’
In Windows, there’s no built-in way, you need the take ownership script.
Yes, but on Linux, if I am root, I am God. I do whatever the fuck I want with my machine, for good, evil or stupidity. That’s the poster’s point. It seems like Windows doesn’t allow you to do this, or at least not easily. So I guess people who want to have absolute control over their computer shouldn’t be using Windows, I guess.
I think windows is a pretty good middle ground. Yes it’s annoying that you might need to install a 3rd party tool to give you a right click menu option to take ownership of any file/folder, but at least you can do that and it’s easy. And for normies that don’t have Linux-fu they’ll get into a lot less trouble than if you give them Linux.
MacOS on the other hand, if there’s something Apple decided users are too dumb to be allowed to do (which it turns out, is a lot of stuff), then you just can’t do it, period.
My brain read that in John Oliver’s mocking voice. xD
French or standard?
sudo apt install linux
problem fucking solved
“sudo is not recognized an an internal or external command”
I literally saw that kind of message very recently on a nixos based machine and I literally had to stand up and do a lap. What in God’s green earth do you mean there’s no ‘sudo’??
Linux: Keeps the same quirks in shells alive for half a century BeCaUsE bAcKwArDs CoMpAtIbIlItY.
Also Linux:
i mean there are other superuser commands, BSD doesn’t use sudo for example, it uses “doas”
apt remove sudo
sudo is not installed on several distributions by default, so hardly surprising it’s not there or that you can remove it.
It’s not surprising you can remove it, but it seems contrary to teaching good habits to not install it by default as a basic utility. You don’t want to train people to log in as root
Actually I think the only way I can log in as root is sudo -i
Pretty sure root has /bin/false as its shell and it’s configured as no login my machines
run0 for you my guy
If you follow the Arch installation guide it’ll get you to a working system, but you’ll need to install sudo yourself. It’s not strictly required so it’s not installed with the essential packages (or even the packages recommended for most users in the guide).
Surely any user planning on using arch would want sudo. I mean if Ubuntu desktop didn’t come with sudo I’d understand but arch? Linux From Scratch was a thing when I was still playing with Linux (rather than just using it) and that also was very much an if you want it, install it, but that suggested sudo as the likely alternative was the user would log in as root
I want to say “Haha, Idiot trusting Microsoft”.
But honestly I want the same stuff he wants. Including modems in mobile phones. Including EVERYTHING I own.
There’s an OS you might like. It has no UAC, no file permissions, no sudo nor chmod, as it has no multi-user support, no antivirus and no firewall, no protection rings, not even spectre/meltdown mitigations, and most of all - no guard-rails whatsoever: You can patch the kernel directly at runtime and it won’t even give you a warn. And yet, it is perfectly safe to run. It’s called TempleOS and it achieves such a flawless security by having no networking support whatsoever and barely any support for removable media. If you want a piece a software - you just code it in, manually. You don’t have to check the code for backdoors if it’s entirely written by you… only for CIA at your actual back door…
Huh, didn’t realise Windows is on a level to be compared to TempleOS. And losing. Thanks for that.
What does ‘modems in mobile phones’ mean? Isn’t the whole thing a modem strapped onto a screen? What am I missing?
I think they just mean they should have control over the modem. They are all locked down and proprietary with known backdoors throughout history, effectively bypassing any OS level security.
A lot of phone modems ship with their own SoC (processor) running its own OS. It’s much smaller and slower than the main phone SoC but, depending on its implementation, it can have full access to all of your main processor’s memory through DMA.
People talking shit about Andrew but I’ve had seriously weird issues with Windows throwing out odd permissions errors on seemingly basic shit on files that are 0kb after restarting and doing all sorts of basic troubleshooting including CMD Prompt and Powershell guides only for none of them to work.
It reeked of virus but never was. Just weird stupid shit that wasn’t easily explained, should’ve worked but didn’t, or various other things that the allmighty Lemmings here think is just beyond a google apparently.
FWIW I’m pretty sure it was straight up related to corrupted files in weird shared folder spots.
You have to pretend they don’t exist and never think about them again after hiding them then hopefully never remember or just reinstall because it’s been a couple years and probably good to do anyway.
Pebkac. Gui equivalent of chown perfectly working on windows and supports recursing into directories. If the questioner doesn’t know how to login as an admin they miss some absolute basic computer usage knowledge, and a general help forum thread wont help them.
Not to mention there is no admin anymore, it’s essentially a sudo style with it popping up asking are you sure.
This though really reeks of their son dragged and dropped their old files onto a new computer and didn’t set the NTFS permissions, and purposely set them up as a non admin so they wouldn’t bother them with “I got a new virus”. When I have an elderly relative ask for me to set up their computer I don’t give them admin rights
Strong Disagree, the GUI equivalent of chown is a bizarrely long series of clicks that less knowledgeable users will easily get confused doing.
It’s a seven step process if you include steps like “log in”.
The problem isn’t the steps themselves, it’s that very few users understand file system permissions.
These errors occur when you’re trying to access a profile folder of a user from another install. Most folders don’t have restrictions like these. However, going into a user folder and changing ownership isn’t something you want someone to do accidentally (because you can easily break a second user account that way).
For Microsoft, the three options seem to be “add a magic button that probably breaks something”, “disable ACLs by default”, or “guide users through the advanced interface”. I think they’ve made the right call here, this is an issue a tiny sliver of their user base will ever run into.
I never said it’s good ux, but it’s working
You described it as pebkac - it isn’t - it’s an OS design issue.
If you read the thread they got an answer to their question, then OP posts this rant here like its a classic “windows is stupid” thing, while simply a user tries to do something which is too complex for them, and blames their lack of knowledge on the os.
Andrew is going to get malware on his PC, guaranteed.