| Summary: | Minimize To Tray gone on Kleopatra 3.30 shipped with gpg4win 4.4.0 | ||
|---|---|---|---|
| Product: | [Applications] kleopatra | Reporter: | iuqbgq9h-1 |
| Component: | general | Assignee: | Ingo Klöcker <kloecker> |
| Status: | CLOSED INTENTIONAL | ||
| Severity: | normal | CC: | aheinecke, kdepim-bugs, mutz |
| Priority: | NOR | ||
| Version First Reported In: | unspecified | ||
| Target Milestone: | --- | ||
| Platform: | Microsoft Windows | ||
| OS: | Microsoft Windows | ||
| Latest Commit: | Version Fixed In: | ||
| Sentry Crash Report: | |||
|
Description
iuqbgq9h-1
2024-12-19 18:06:58 UTC
Are you using a user account with elevated permissions (i.e. administrator permissions) or are you running Kleopatra with elevated permissions? This has caused difficult-to-resolve permission problems for some users. Therefore we have made a few changes to avoid some of those problems. One of those changes was to quit Kleopatra when the last window is closed (see https://dev.gnupg.org/T7050) and Kleopatra is running with elevated permissions. We advise strongly against using a user account with elevated permissions for daily work and against running Kleopatra with elevated permissions. In modern Windows there's very little reason to use an "admin" account because Windows will ask whenever you want to perform an operation that requires admin power. UAC is disabled in Local Security Policy Local Policies -> Security Options -> User Account Control: Run all administrators in Admin Approval Mode: Disabled. The user account is the only non-Guest account and is an administrator. So all programs run "elevated". (When UAC is disabled, all processes run under an administrator account run with a privileged security token = "elevated"). It is not possible to minimize Kleopatra to tray in this mode. It can be started minimized to tray with '--daemon' command line option, but after first use for encryption, the window is shown and then appears in the taskbar. Is there a UI or config file setting to turn this new behavior off - and in fact all special behaviors for Kleo::userIsElevated()? (Including the pop-up.) If this is by design, I'll try to compile special version with Visual Studio 2022's CMake myself. Thanks. Yes, this is by design. It caused too many hours for customer support to analyze permission problems caused by elevated privileges. If you want to build gpg4win yourself have a look at the gpg4win repository. We crossbuild with MinGW. You'll have a hard time trying to build it with MSVC. If you want to try then best checkout Craft. This MR shows the current status of building Kleopatra with MSVC: https://invent.kde.org/pim/kleopatra/-/merge_requests/314 We may consider merging an MR which adds a way to force a custom return value for Kleo::userIsElevated(). I think I'd prefer an environment variable for this. I ended up doing a binary patch on kleopatra.exe (from gpg4win 4.4.0 reports as Kleopatra version 3.3.0). This was much simpler than compiling from source. At offset 0xF710 in the file, changed the bytes 0xFF 0x15 to 0xEB 0x23. This causes the function win_user_is_elevated() in userinfo_win.cpp to skip the OpenProcessToken() code and always return false. So it always considers itself non-elevated. Now everything is fine. No popup, and minimize-to-tray with close button works. Thanks for the help. Thanks for the feedback! Reminds me of the time when I patched binaries. I'll close your report as INTENTIONAL. Feel free to submit a merge request for a more permanent solution. |