XYplorer Beta Club
Please include the following information:What happened
- The installer does not request administrator rights itself; it tells you to run it as administrator.
- I ran the installer with administrator privileges.
- After install, the “Launch XYplorer” checkbox was ticked → XYplorer auto-started.
- That instance inherited the administrator privileges from the installer.
Why this matters
XYplorer is a file manager and a launcher. When it runs with administrator privileges:
- anything launched from it (Command Prompt, PowerShell, scripts) inherits administrator rights
- file operations occur with full system access
- there’s no clear indication tied to the action (the elevation happened earlier)
I created a simple custom command to open Command Prompt in the current folder:
Code: Select all
// Run Script
run "cmd.exe /k cd /d ""<curpath>"""
- Command Prompt opened already with administrator rights
- no security prompt was shown
- administrator-only operations (e.g., sc stop spooler) succeeded
Expected behaviour (typical Windows pattern)
- Installer requests administrator rights directly (clear system prompt)
- After installation, the application launches without administrator rights, or does not auto-launch
- Installer with administrator rights → auto-launched XYplorer continues with those privileges (implicit)
- breaks least-privilege expectations
- creates hidden elevated state
- increases risk of unintended system changes
- Do not auto-launch XYplorer from an elevated installer, or
- Relaunch it without administrator rights after install, or
- Clearly indicate elevated state in the interface/title
Edit
The script that worked for launching an admin cmd prompt:
Code: Select all
opencommandprompt , , , 1