View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0010734 | MMW v4 | Main Panel | public | 2013-04-15 09:24 | 2015-02-24 05:02 |
| Reporter | Ludek | Assigned To | |||
| Priority | immediate | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 3.2.5 | ||||
| Target Version | 4.1.6 | Fixed in Version | 4.1.6 | ||
| Summary | 0010734: Ctr+Alt+Del is not disabled in Party mode (Windows 7+) | ||||
| Description | Configure Party mode using these settings: http://i1289.photobucket.com/albums/b507/seed_or_die/Capture_zpsb41e9959.png Go to party mode and press Ctrl+Alt+Delete => User has access to your computer This doesn't happen on Windows XP | ||||
| Additional Information | http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/99939eaa-e805-4a0e-944d-a94052d2fc4f/ http://msdn.microsoft.com/en-us/library/ms815238.aspx | ||||
| Tags | No tags attached. | ||||
| Fixed in build | 1728 | ||||
|
|
A hack that is worth to try: http://www.thewindowsclub.com/change-ctrl-alt-delete-options-windows |
|
|
Fixed in build 4.1.6.1727 and merged to 5.0.0 using the hack from the note above. Note that I am not sure about the hack as it requires elevation (admin rights) and also writes values to Windows registry which can be unpleasant when user shuts down computer unexpectedly when is in party mode. We can revert this hack in case of negative feedback, but I am afraid that there isn't any other hack how to prevent Ctrl+Alt+Del |
|
|
Although hack works like you pointed there is some issues that needs to be addressed in order to fully introduce this hack. 1. Enter Password dialog should be instead of track view not as separate window as in some cases it goes behind MMW main window making whole PC locked 2. Elevation is problematic when MMW is used as portable where this hack violates portable as it access system essential resources it should be noted in Tooltip 3. Prevent switching to other apps should be grayed and disabled unless MMW is started as Administrator (to comply with elevate rules) or 3a. Try to elevate MMW where if user click YES it allow ticking the option 4. As pointed hack disables essential system settings, so to cover us completely in case that option to prevent CTRL+ALT+DEL is enabled MMW should read affected registry on startup and revert to original/correct values in case that system crashed or was restarted while MMW was in Party Mode and INI or registry value should be set when MMW enters Party mode 4a. Before MMW enters party mode and switches options in CTRL+ALT+DEL options backup of existing should be saved along with PartyIsOn from Point 4 so that they are reverted to original state after MMW exits Party Mode 5. If password is empty MMW should not show Enter password dialog but rather just exit party mode |
|
|
1. I have never observed this, but in MM5 the password edit box is already embedded (next to the Exit Party mode toolbar button) 2. You are true, I forget about this, in portable version we shouldn't use this hack at all 3. The elevation is now shown once entering party mode and user can cancel this, which is OK I think. Otherwise non-admins couldn't use the feature at all 4. I was thinking about the same, but this is also problematic, because even for reading these registry entries you need to elevate / run as admin Thinking about all the troubles I think that the best for now would be: i) Revert the hack and make it available via hidden INI entry (PreventAltCtrlDel=0), i.e. disabled by default ii) create KB article that would describe the hack. There would be described which registry entries to edit _manually_ and also the hidden INI switch (PreventAltCtrlDel=1) that will edit them _automatically_ on each party mode enter/exit This way user will be also aware which registry entries the hack edits. |
|
|
Added the switch in build 4.1.6.1728 @Peke, @Rusty, please add the KB article as described in the note above describing: A) Auto-edits: PreventAltCtrlDel=1 under INI section [PartyMode] B) Manual edits: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System DisableLockWorkstation = 1 DisableChangePassword = 1 DisableTaskMgr = 1 HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer NoLogoff = 1 NoClose = 1 HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System HideFastUserSwitching = 1 |
|
|
I created two REG files for easier Enable/Disable http://www.happymonkeying.com/eSupport/EnableComputerLock.reg and http://www.happymonkeying.com/eSupport/DisableComputerLock.reg reassign back to me after you upload them to our server so that I can create KB article. |
|
|
Verified 1733 KB Article issue added to 0012616 |
