12-31-2024 08:53 AM - edited 12-31-2024 09:13 AM
Hi. Some little bug is game breaking and annoying. I request recommendations to mitigate.
It relates to ROG Live Service on a ROG Ally Extreme(2023).
I have made some changes to factory defaults on my system:
- Moved Administrator rights to another admin account as Microsoft recommends.
- I must give elevated privileges when programs ask for it after wake up from sleep / boot. (I hope this improves soon with updates)
Screenshot of error messageThis error message flashes on the monitor and breaks ongoing games mouse/keyboard drops lock or switches from game to desktop causing problems on multiplayer and other games. It occurs randomly, but I assume it has time trigger that causes it to repeat.
filenames and aclby default it seems that users group does not have modify access.
It's a bit confusing why this process has no write access, as if it is live service that is the problem, that is started by HKLM\System\CurrentControlSet\Services (I think it means System context)
I think Microsoft will within a year separate administrative privileges from normal local accounts ("Administrator protection"). This makes some problems on programs that are not run as system account, and have need to interact with user session on local desktop. So applications will run to this problem in mass then that update arrives. (assuming that this is related to removal of excessive rights)
(copilot old me that it's on Windows 11 Insider Preview Build 27718 )
01-02-2025 06:13 AM
I think giving access to files now just blinks for 100ms and still does the same thing only faster.
Still same problem of not having admin credentials, as HKEY_LOCAL_MACHINE is not accessible. Maybe original error caused it to fail/terminate and rerun is done by non admin process. If only I had a "hook" to allow me to let process monitor catch it on the background.
Below new contents in RLSPluginUpdater.log
[2025-01-02 15.57.56] [RLSPluginUpdater] Version : 1.2.1.0
[2025-01-02 15.57.56] [CampaignInstall] Start
[2025-01-02 15.57.56] [CampaignInstall] modelname : RC71L
[2025-01-02 15.57.56] [CampaignInstall] 1-Step folderName : Common
[2025-01-02 15.57.56] [CampaignInstall] Camppaign foldere : Common
[2025-01-02 15.57.56] [CampaignInstall] 2-Step folderName : 20240927
[2025-01-02 15.57.56] [CampaignInstall] configversion : 20240927
[2025-01-02 15.57.56] [writeregistry_RLSinfo] OpenBaseKey LocalMachine Registry64 success.
[2025-01-02 15.57.56] [writeregistry_RLSinfo][Exception] System.UnauthorizedAccessException: Access to the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\ASUS\RLSinfo' is denied.
at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)
at Microsoft.Win32.RegistryKey.CreateSubKeyInternal(String subkey, RegistryKeyPermissionCheck permissionCheck, Object registrySecurityObj, RegistryOptions registryOptions)
at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck permissionCheck)
at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey)
at RLSPluginUpdater.Program.writeregistry_RLSinfo(String subkeyname, String keyname, String keyvalue)
[2025-01-02 15.57.56] [CampaignInstall] Environment.Exit : 0
Still looks to me like that the fix needs for things to move from admin protected areas to user space. Or completely operate in the background as services without requirement to interact with user session.
01-06-2025 04:43 AM
Thanks for quick reply,
It's probably true as it was earlier way to implement these as monoliths. Yet, I have already working example of that requirement being fulfilled in more secure way. (the main framework at least)
But it seems that it also dug into light a "bug" if you will. Unhandled file access error that falls through error handling. Maybe not quite serious one, but it still does stop internet connected update service and breaks UX and stops writing logs.(but as it is user modification, I know...) if it would silently be passed, then I would not have raised this.
"Main core problem" is that process is not elevated(and everything flows from that problem) , so maybe I will start this process to admin user context with script on a desktop for now. Process may need normal user registry, but it also may not depend on it (process monitor didn't yet caught it). Maybe update should go through MyAsus updater anyway. Or just disable this until it's patched, idk yet.
But it's probably going to harder after this year.
Waiting eagerly betas for newer versions.
Apple before, so will Microsoft later take more mature hold of their OS system security. Safety comes first and we are running a lot of unproven code from internet anons anyway. "Wild west" has been coming to an end for some time now and will be a pain for devs to do all that in more confined space. (Downloading anything in admin context from internet, idk)
Is there a known way one could join beta, I did start running code back in the mid 80's and can write English as third language.