Vista - The multi-desktop kludge for process isolation

11-01-2006

In Vista, if I want to ensure that two processes can't read each other's
files, then I have to run those processes as separate users. This would be
practical if I could mix different users' processes' windows on one desktop,
in order to have ready access to them all. So why can't I do this? Why do
all of the windows for each user have to be isolated onto per-user desktops,
with the desktops switched among using FUS?

11-02-2006

Hello,

You can mix different users windows onto one desktop using the runas command
line tool.

- JB

11-03-2006

"Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message
news:29D851CB-4D82-4274-A0B5-CBF92302FE6C@microsoft.com...
> Hello,
>
> You can mix different users windows onto one desktop using the runas
> command line tool.

Excellent! Thank you.

But I've already run into one problem: I got cmd, calc, and notepad to run
successfully as another user, but when I try explorer, nothing starts. After
runas gets the password, displays the standard 'Attempting to start explorer
as user "machine\foo" ...', and returns, nothing else happens; explorer
doesn't start.
No error message is given.

BTW, how secure is the process isolation? If I run a program simultaneously
as two different users on the same desktop, what communication paths are
available by default for these two processes to communicate with each other?
(I ask because I want to be able to ensure isolation even while assuming
that the processes will try any means possible to communicate with each
other.) Is it possible to prevent each one from knowing that the other one
is even running?

Also, I don't suppose it's possible to move a currently open window (running
either as the current user or as another user) to another user's desktop...

11-05-2006

<snip>
> but when I try explorer, nothing starts.

Unfortunately, explorer does not allow itself to be ran in the context of a
different user. I'm not aware of the technical (or non-technical) reasons
why.

<snip>
> BTW, how secure is the process isolation?

I do not believe processes running on the same desktop are isolated in any
special way (even if they are running in the context of another user),
except for the isolation involved through UAC. If one program is running as
a standard user and another program is running as an administrator, then UAC
enforces this seperation.

The application can interact with the other windows on your desktop, since
it belongs to the same desktop; however, it runs from the user and security
context of the other user (it only has access to the objects that the other
user does, and when it accesses say HKEY_CURRENT_USER it is talking to the
other user's registry hive).

Windows running in the same desktop have many means of communciation with
each other - they can use the clipboard and send window messages to each
other, not to mention use the lines of communication that are available to
any program regardless of desktop (named/unnamed pipes, sockets, shared
memory, etc).

> Is it possible to prevent each one from knowing that the other one is even
> running?

Not that I am aware of.

> Also, I don't suppose it's possible to move a currently open window
> (running either as the current user or as another user) to another user's
> desktop...

My unerstanding is that once a window is created it is permanently attached
to the desktop in which it was created.

--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

11-01-2006	#1 (permalink)
Roof Fiddler n/a posts	The multi-desktop kludge for process isolation In Vista, if I want to ensure that two processes can't read each other's files, then I have to run those processes as separate users. This would be practical if I could mix different users' processes' windows on one desktop, in order to have ready access to them all. So why can't I do this? Why do all of the windows for each user have to be isolated onto per-user desktops, with the desktops switched among using FUS?
My System Specs

11-02-2006	#2 (permalink)
Jimmy Brush n/a posts	Re: The multi-desktop kludge for process isolation Hello, You can mix different users windows onto one desktop using the runas command line tool. - JB
My System Specs

11-03-2006	#3 (permalink)
Roof Fiddler n/a posts	Re: The multi-desktop kludge for process isolation "Jimmy Brush" <JimmyBrush@discussions.microsoft.com> wrote in message news:29D851CB-4D82-4274-A0B5-CBF92302FE6C@microsoft.com... > Hello, > > You can mix different users windows onto one desktop using the runas > command line tool. Excellent! Thank you. But I've already run into one problem: I got cmd, calc, and notepad to run successfully as another user, but when I try explorer, nothing starts. After runas gets the password, displays the standard 'Attempting to start explorer as user "machine\foo" ...', and returns, nothing else happens; explorer doesn't start. No error message is given. BTW, how secure is the process isolation? If I run a program simultaneously as two different users on the same desktop, what communication paths are available by default for these two processes to communicate with each other? (I ask because I want to be able to ensure isolation even while assuming that the processes will try any means possible to communicate with each other.) Is it possible to prevent each one from knowing that the other one is even running? Also, I don't suppose it's possible to move a currently open window (running either as the current user or as another user) to another user's desktop...
My System Specs

11-05-2006	#4 (permalink)
Jimmy Brush n/a posts	Re: The multi-desktop kludge for process isolation <snip> > but when I try explorer, nothing starts. Unfortunately, explorer does not allow itself to be ran in the context of a different user. I'm not aware of the technical (or non-technical) reasons why. <snip> > BTW, how secure is the process isolation? I do not believe processes running on the same desktop are isolated in any special way (even if they are running in the context of another user), except for the isolation involved through UAC. If one program is running as a standard user and another program is running as an administrator, then UAC enforces this seperation. The application can interact with the other windows on your desktop, since it belongs to the same desktop; however, it runs from the user and security context of the other user (it only has access to the objects that the other user does, and when it accesses say HKEY_CURRENT_USER it is talking to the other user's registry hive). Windows running in the same desktop have many means of communciation with each other - they can use the clipboard and send window messages to each other, not to mention use the lines of communication that are available to any program regardless of desktop (named/unnamed pipes, sockets, shared memory, etc). > Is it possible to prevent each one from knowing that the other one is even > running? Not that I am aware of. > Also, I don't suppose it's possible to move a currently open window > (running either as the current user or as another user) to another user's > desktop... My unerstanding is that once a window is created it is permanently attached to the desktop in which it was created. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/
My System Specs

Similar Threads
Thread	Forum
Multi Monitors Mirrored Desktop PC	Vista hardware & devices
Remote Desktop messes up windows positions when connecting to multi-monitor desktops	Vista networking & sharing
Multi-boot setup process does not work as advertised in FAQs	Vista installation & setup
Multi User Desktop	Vista General
Toolbar above menu is a kludge isn't it?	Vista General