dcsimg
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 9 of 9

Thread: Can .exe programs modeify files of the user?

  1. #1
    Join Date
    Nov 2018
    Posts
    19

    Can .exe programs modeify files of the user?

    Suppose my friend sends me a .exe, if I click it, is there a risk that the program might delete things from my desktop or maybe rename everything to 123253563.random or something like that?

    Can it also access the recycle bin?

    Maybe one day a game got breached and when I run the game it deletes everything on my computer..

    edit: Sorry I forgot I was in this forum.. how do I move my thread? And where does this belong?

  2. #2
    Join Date
    Feb 2017
    Posts
    434

    Re: Can .exe programs modeify files of the user?

    You're gonna need to run the .exe in a sandbox. I've never used one but I think Sandboxie is one of the most popular,

    https://www.sandboxie.com/

  3. #3
    Arjay's Avatar
    Arjay is online now Moderator / MS MVP Power Poster
    Join Date
    Aug 2004
    Posts
    12,986

    Re: Can .exe programs modeify files of the user?

    Quote Originally Posted by Numb View Post
    Suppose my friend sends me a .exe, if I click it, is there a risk that the program might delete things from my desktop or maybe rename everything to 123253563.random or something like that?

    Can it also access the recycle bin?

    Maybe one day a game got breached and when I run the game it deletes everything on my computer..

    edit: Sorry I forgot I was in this forum.. how do I move my thread? And where does this belong?
    What is your question?

  4. #4
    Join Date
    Nov 2018
    Posts
    19

    Re: Can .exe programs modeify files of the user?

    My questions are:

    When I run a .exe, do I run the risk of "the program might delete things from my desktop or maybe rename everything to 123253563.random or something like that?".

    "Can it also access the recycle bin?"

    When a popular game or application gets breached, the intruder might update the game client so that it has this piece of code that does the above.

    Will antivirus pick all of this? Or are you doomed? How to be safe while using .exe?

    Also suppose I destroy all the files of my friend, could I be sued?
    Last edited by Numb; January 6th, 2019 at 05:27 AM.

  5. #5
    2kaud's Avatar
    2kaud is offline Super Moderator Power Poster
    Join Date
    Dec 2012
    Location
    England
    Posts
    6,692

    Re: Can .exe programs modeify files of the user?

    What an .exe can do is limited by the context in which the .exe is executed. Running it as an Administrator, for example, allows the .exe far more access to system resources than just running it as a user. Many of os 'security vulnerabilities' arise from 'tricks' discovered that allow an .exe run as a user to access resources to which it shouldn't have access.

    Top-rated anti-virus software (note that some are rated much better than others and they shouldn't all be judged as equal) will detect most 'suspecious' activity and warn the user. However, this is not (and could never be) 100% reliable. The only way to be absolutely safe re an unknown .exe is to either run it in a sandbox as suggested by Wolle in Post #2 or in a 'throw away' virtual machine environment.

    If you deliberately issue an .exe that performs unexpected and unwanted actions on a computer when executed, then you might well be liable to be sued - depending upon the laws of the country(s) concerned.

    This is one reason why Microsoft, Apple et al have 'App Stores'. Programs obtained from these have been checked and 'certified' that they behave in the manner expected.
    Last edited by 2kaud; January 6th, 2019 at 06:09 AM.
    All advice is offered in good faith only. All my code is tested (unless stated explicitly otherwise) with the latest version of Microsoft Visual Studio (using the supported features of the latest standard) and is offered as examples only - not as production quality. I cannot offer advice regarding any other c/c++ compiler/IDE or incompatibilities with VS. You are ultimately responsible for the effects of your programs and the integrity of the machines they run on. Anything I post, code snippets, advice, etc is licensed as Public Domain https://creativecommons.org/publicdomain/zero/1.0/ and can be used without reference or acknowledgement. Also note that I only provide advice and guidance via the forums - and not via private messages!

    C++17 Compiler: Microsoft VS2019 (16.1.3)

  6. #6
    Join Date
    Feb 2017
    Posts
    434

    Re: Can .exe programs modeify files of the user?

    Quote Originally Posted by Numb View Post
    How to be safe while using .exe?
    If you missed it, see my previous reply.

    To be safe you need to run the .exe in a so called sandbox environment. It will allow you to control the .exe's access to the OS and thus prevent the .exe from doing bad things.

  7. #7
    Join Date
    Dec 2018
    Posts
    12

    Re: Can .exe programs modeify files of the user?

    I support wolle. You can create a sandbox and run the executable there. You can use Virtual Box for example. It's easy to create an operating system and see what the program does.

  8. #8
    Join Date
    Nov 2018
    Posts
    12

    Re: Can .exe programs modeify files of the user?

    Bear in mind that if the code was truly malicious, then it's possible that it could detect your attempt to run in a sandbox / VM and "play along" to lure you into a false sense of security.
    http://www.cplusplus.com/forum/windows/96874/

  9. #9
    Join Date
    Feb 2017
    Posts
    434

    Re: Can .exe programs modeify files of the user?

    Quote Originally Posted by salem_c View Post
    Bear in mind ...
    Yes, there's a limit to how well software can protect you. Neither sandboxes nor virus packages are 100% secure. To step up security I suggest a two-computer solution.

    The first computer is the on-line computer. It is connected to anything you want (typically the internet) and anything can be freely installed. It holds no sensitive information and if it gets compromised in any way it is reset to pristine factory state. Then everything is lost but that doesn't matter because nothing of major value is kept on this computer.

    The second computer is the off-line computer. This is where all real work takes place and where all sensitive data is kept. Most of the time it is physically isolated from the outside world. Data may be transferred to and from it but only when absolutely necessary and then with stern safety procedures. Data is automatically backed up at fixed intervals and copies are kept at a safe location (like a bank locker).

    So the idea is that the on-line computer acts as a sandbox to the off-line computer with only a small amount of highly controlled information exchange. Both computers should have full virus protection.

    Admittedly the two-computer approach is somewhat tedious and doesn't fit every situation. Still it increases security quite a lot and I recommend it for anyone who's doing professional work from home, especially if exposing or losing information has legal consequences. And it definitely beats paying ransom to some hijacker.
    Last edited by wolle; January 23rd, 2019 at 05:31 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width




On-Demand Webinars (sponsored)