Installed version can't be started without adminrights

[beerisgood]

I choice to use the install (x64) version, so i can get updates and can use the secure Windows program files folder.
But if i start SyncTrayzor.exe then only the window open but close before any text is displayed.
If i run the same exe with adminrights, then all works.

Windows10 x64 with only the normal Windows account and UAC.

Also no error displayed, just program closed.

[canton7]

Can you look at the logs? They'll be in C:\Users\<You>\AppData\Roaming\SyncTrayzor\logs. If you could post the bit corresponding to you attempting to start SyncTrayzor, that would be helpful.

[beerisgood]

Okay will do it when i'm home at friday

[xoxefdp]

SyncTrayzor.log
Installed version can`t start even with admin permissions! There's my log attached

[canton7]

@xoxefdp This is a different issue. Please open your own issue.

[beerisgood]

Here the log:
SyncTrayzor.log

I think the problem is, that Syncthing ask at installtion for adminrights and i choice the default install path "C:\Program Files\SyncTrayzor" but now, as not elevated user the following fails (because of group policies):
DefaultSyncthingPath: C:\Users\beerisgood\AppData\Roaming\SyncTrayzor\syncthing.exe

Why SyncTrazor want copy and start syncthing.exe from AppData and not from installed path "C:\Program Files\SyncTrayzor" ?
If i want apply a update, i would start it with elevated rights to do but this way break on secure environments cause startable binarys from %AppData% are blocked - Malware behaviour

[canton7]

Syncthing auto-updates itself, and it needs to be able to do this without admin rights. Therefore I need to run the syncthing executable from a location which the user has write access to, i.e. AppData.

I need to get the Syncthing executable from somewhere, and so it's put in Program Files by the installer, and copied to AppData when SyncTrayzor starts for the first time.

If you need to run the Syncthing executable from another location, change File -> Settings -> Syncthing -> Syncthing Custom Path, or run the portable version.

The actual error you are getting however is

2018-07-06 17:23:52.9126 #32232 [Error] SyncTrayzor.Bootstrapper: An unhandled AppDomain exception occurred. Terminating: True System.IO.FileLoadException Die Datei oder Assembly "System.Transactions.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Dieses Programm wurde durch eine Gruppenrichtlinie geblockt. Wenden Sie sich an den Systemadministrator, um weitere Informationen zu erhalten. (Ausnahme von HRESULT: 0x800704EC) System.ServiceModel.Description.ServiceDescription CreateDescription(System.Collections.Generic.IDictionary`2[System.String,System.ServiceModel.Description.ContractDescription] ByRef)    bei System.ServiceModel.ServiceHost.CreateDescription(IDictionary`2& implementedContracts)
   bei System.ServiceModel.ServiceHostBase.InitializeDescription(UriSchemeKeyedCollection baseAddresses)
   bei System.ServiceModel.ServiceHost..ctor(Type serviceType, Uri[] baseAddresses)
   bei CefSharp.Internals.BrowserProcessServiceHost..ctor(JavascriptObjectRepository javascriptObjectRepository, Int32 parentProcessId, Int32 browserId, IJavascriptCallbackFactory callbackFactory)
   bei CefSharp.ManagedCefBrowserAdapter.OnAfterBrowserCreated(IBrowser browser)
   bei CefSharp.Internals.ClientAdapter.OnAfterCreated(ClientAdapter* , CefRefPtr<CefBrowser>* browser) System.IO.FileLoadException: Die Datei oder Assembly "System.Transactions.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Dieses Programm wurde durch eine Gruppenrichtlinie geblockt. Wenden Sie sich an den Systemadministrator, um weitere Informationen zu erhalten. (Ausnahme von HRESULT: 0x800704EC)

This seems to have nothing to do with running Syncthing from AppData - it seems that SyncTrayzor (or, more correctly, its embedded browser component) is unable to load a particular .NET Assembly (System.Translations.dll), because that's blocked by a group policy. I'm afraid I don't know why that assembly in particular would be blocked by a group policy (it seems that we can load other assemblies just fine).

[beerisgood]

That doesnt make sense. If i choice the installed version, which needs admin rights then i will allow the app admin rights if a update is required.

AppData is a very bad idea for security and no other programs i know, do that.

I change the path, but still SyncTrayzor close without admin rights.
Also i dont block any .NET but maybe the file is located in a folder, SRP dont have a whitelist entry for

[canton7]

Again, the location of Synching is not relevant to your prbloblem.

Synching's update mechanism requires it to be somewhere the user can write to. I'm sorry if that doesn't make sense to you, but that's how it is and I can't change it. I agree on the security aspect, which is why SyncTrayzor installs itself into Program Files. Synching however does things differently so I need to accommodate that. Plenty of applications have chosen to install into AppData, for example Chrome.

However, I suggest you focus on the actual issue here, which is not related to AppData.

[beerisgood]

I found that i block user write access to "C:\Windows\Microsoft.NET\assembly" in SRP.
After unblock that, SyncTrayzor start without adminrights.

Can you maybe say what SyncTrayzor do with that folder?

[canton7]

As I told you before, you can place Synching in Program Files yourself, and tell SyncTrayzor to use that copy. You are then responsible for keeping that updated.

[canton7]

That folder is part of .NET. SyncTrayzor uses .NET. I don't think you can block random parts of C:\Windows and expect Windows to keep working...

[beerisgood]

Alright. Thanks for helping!
I will recheck the "recommend" SRP rules.

Changing path for Syncthing works. No more starting Syncthing.exe from C:\Users%username%\AppData\Roaming\SyncTrayzor

I close the issue now. Maybe a notice in readme for other users which have the same problem would be nice