How do I (properly) access another users' recycling bin without logging in as him?

9

4

I am using Windows 7 daily as a limited user with UAC enabled. I log in as $USER and have have a dummy user called $ADMIN with Administrative access I use for elevation purposes.

Unfortunately, some elevated applications are aware of being elevated: running Explorer as admin still shows $USER's folders and permissions. Some other applications are not, and will try and access $ADMIN's folders and permissions.

In particular, I used a program (yes, I'm looking at you, TuneUp 2010) to find and delete cruft from my system. Unfortunately, when an elevated TuneUp deletes files it uses the $ADMIN's recycling bin.

Now. I don't want to log in as $ADMIN. It's a dummy account. It isn't supposed to be logged into. It's just there for elevation purposes. I don't want it to have a profile, a home folder and settings for it.

So what I want to do is use elevation to access $ADMIN's recycle bin and cleanly empty it. Windows seems to offer no way to do so, unfortunately:

  • Running Explorer as $ADMIN from the GUI will result in the $USER's folders being used. Running explorer as $ADMIN from the command prompt (using the elevate powertoy, for example) results in the following error message:

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

[OK]

  • Running start . from an elevated command prompt results in the above error message.
  • Running notepad as $ADMIN and using the Open dialog as a primitive Explorer shows no way to access the recycling bin. Right clicking files from that screen will result in a temporary hang and in no menu being shown. Attempting to open the raw Recycling bin "raw" folder, C:\$Recycle.Bin\S-1-5-21-1970411373-1708269306-xxxxxxxxxx-1007\, from the above Open dialog results in the following error message:

Recycle Bin

You don’t have permission to open this file.

Contact the file owner or an administrator to obtain permission.

[OK]

I "fixed" the issue by issuing "del * /S /F /Q" from an elevated prompt from inside the bin "raw" folder but that's obviously not the way to go.

What should have I done instead?

It seems my question was not clear enough. How surprising. :)

Here's what I am trying to achieve. All I want to do is open this window as $ADMIN:

$USER's recycle bin window.

badp

Posted 2010-01-24T16:30:20.180

Reputation: 3 457

I also asked on http://social.answers.microsoft.com/Forums/en-US/w7security/thread/e738fdbd-15af-4010-939e-82582cdfbc33

– badp – 2010-01-24T16:30:44.110

With UAC enabled, is there a reason not to use the admin account everyday? I have a admin account, but it works as regular user, unless I confirm that a specific task should be done as administrator. With this using two accounts should not improve security... – Lukas – 2010-01-27T14:56:34.323

Yep, there is. UAC as Admin defaults is just as good as no UAC. UAC as Admin maxed out is far better but offers no protection from people around you -- to name one scenario, if you forget to Win-L as you leave your computer, there's nothing stopping a 'friend' to 'pwn' it (you can create an admin account to reset passwords from). – badp – 2010-01-28T11:26:52.657

Answers

6

  1. Start an elevated copy of notepad -- or well, any program that has a modern Open dialog. (press the Windows key, type notepad, press Ctrl-Shift-Enter)
  2. From File choose Open.
  3. In the location bar at the top, click on the icon with the folder to switch to input mode and type the following (literally): Recycle Bin, followed by Enter.
  4. Change the dropdown at the lower-right of the Open window from Text Documents (*.txt) to All Files
  5. Lo and behod, the contents of $ADMIN's recycle bin!

Don't forget to close notepad when you're done!

(I agree, this is not really a 'proper' way, but I guess it's better than blindly wiping everything.)

badp

Posted 2010-01-24T16:30:20.180

Reputation: 3 457

1I know, it's kind of lame to answer your own question :( – badp – 2010-01-30T16:08:15.463

11No - it's not lame to answer your own question. It's perfectly legitimate and acceptable. – ChrisF – 2010-01-30T16:23:00.490

1I think you have found a bug. You should be able to do it from an elevated explorer window. I would submit it to Microsoft. See what their take on it is. – Kelbizzle – 2010-01-30T18:34:38.043

1I also think this is an use case that just wasn't considered. There aren't many per-user magic folders in Windows... – badp – 2010-01-30T19:47:32.973

1for XP, you can do a runas /user:username "explorer /separate" and then just type recycle bin into the browse bar. – Dave Cousineau – 2012-06-28T21:48:39.637

0

I think what you're trying to do goes beyond the design of UAC. So I think it's either by design that this happens or it's a bug.

The reason I say this is because UAC was designed to mimick the linux model of separating users from the system.

Subsequently MS had to create a "root" account per se and step away from the "Everybody gets an admin account" model. This fake root account is called the PA account (protected administrator) ie. the first account you created.

I don't think your elevated $USER has ALL privileges on the system that the PA account has. This is why I think the command worked from the prompt.

http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx?rss_fdn=TNTopNewInfo

Kelbizzle

Posted 2010-01-24T16:30:20.180

Reputation: 1 808

That doesn't explain why in Linux sudo nautilus works and I can access its recycle bin just fine, while in Windows this is a no-go. – badp – 2010-01-29T11:46:31.610

Actually it does. Check this out http://en.wikipedia.org/wiki/Sudo#Runas.2C_su_and_sudo more specifically the second bullet.

Oh in case your wondering I didn't write that hehe. I merely wanted to show that, 'sudo nautilus' works because when you invoke sudo you are becoming full "root". Where as with elevated UAC it's only certain privileges. I'll do more research but my guess is it's an unintentional security feature made possible by a bug.

– Kelbizzle – 2010-01-30T04:47:34.710

Turns out I do have the required privileges. :) – badp – 2010-01-30T16:28:33.067

-1

Boot a Linux Live distro with full NTFS support (e.g. Knoppix) and delete the content of the folder (of course this doesn't work if the drive is encrypted with BitLocker).

Molly7244

Posted 2010-01-24T16:30:20.180

Reputation:

1I do have a Linux partition on this system. What that would do is practically the equivalent of what I did do: del * /S /F /Q.

I am looking for an in-Windows proper way of achieving this. – badp – 2010-01-27T11:22:38.043

-1

Do runas' nest? runas $ADMIN runas $USER?

pra

Posted 2010-01-24T16:30:20.180

Reputation: 248

2runas /user:$ADMIN cmd and runas /user:$USER explorer get me my own recycle bin. – badp – 2010-01-28T11:30:30.633

-1

Hey why not create a batch script that runs your del * /S /F /Q just create a shortcut on the desktop. I hate shortcuts but I'm not sure how you'd feel about them.

Kelbizzle

Posted 2010-01-24T16:30:20.180

Reputation: 1 808

2Sure, I guess I could wrap my head around the DOS shell enough to make runas /user:$ADMIN cmd /k "del C:\$Recycle.Bin\S-1-5-21-1970411373-1708269306-xxxxxxxxxx-1007\* /S /F /Q" work, but again that's not what I want.

All I want is display the recycle bin of an user in Explorer, or some other way to properly handle this special folder. :) – badp – 2010-01-30T06:34:35.277

Asked: 2010-01-24T16:30:20.180

Viewed: 79 629 times

Active: 2018-01-23T21:41:41.120