Playing devil's advocate again. I find it a sensible (but annoying) change in Vista to NOT allow access to the Program Files and root of installation drive for anyone but Administrator. Again, how would malware propagate if it has no access to ether one of those locations? It would clearly have a hard time. As a proof I've seen two interesting statistics (I lost the links, don't ask for links). Vista's number of vulnerabilities 14 days after official launch has been smaller then Linux. Vista is considered safer then Mac. I'd say Microsoft got it right this time.
As in many other cases, take a look at Microsoft's "designed for Windows" logo certification requirements. If you follow the requirements your application will work on any system. Installation might require administrative privileges - but hey, aren't users working on limited accounts so they CAN'T install stuff that has not been approved and tested by administrators? If you absolutely must have your application installed by non-administrators that can't acquire administrative privileges for the length of time required to run your installer, then you can't use an installer at all. Vista's heuristics will detect it's an installer and REQUIRE administrative privileges. It's not only a matter of calling (or not calling) your installer "setup.exe", there are other tricks. In the end you'll end up having your users download the application to the Desktop and run from there. They'll be able to do whatever they want on the Desktop, including copying exe files and running them. The same goes for all personal folders, including "My Documents" and "Application Data". And remember, Vista's Administrator IS A NORMAL USER. The only difference is that an Administrator can acquire administrative privileges at an UAC prompt without typing a password. An normal user may also acquire administrative privileges with an UAC prompt but in this case the user will have to type both a user name and a password. And this introduces yet another trick: "Don't expect your install.exe to finish under the same account it started!". Your installer might started as a limited user but get promoted to Administrator if required. That's why applications like Office have a "preparing stuff for first use" that runs the first time you run the application, not as part of the installer. -- Cosmin Prund > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of CubicDesign > Sent: 21 iulie 2007 14:55 > To: Borland's Delphi Discussion List > Subject: Re: Problems while creating/running apps for Vista > > Hi Irwin. > > In my case, points 2), 3) and 4) creates a real disaster. > 80-90% of my users are running under limited accounts. > > > I never used an installer, just because of the 'admin rights' problem. > I never stored information in registry, also because of the 'admin' > problem. > I installed the software on C:\xxx also because of the 'admin' problem. > I even succeed to make a hardware based trial version (with hidden keys > and files) without having problems on limited accounts. > So my program was 'Ready for Windows XP' users with limited rights. > > I wonder what will happen now under Vista. > > > > ________ > > > Irwin Scollar wrote: > > I had a number of problems in porting my apps to Vista. > > > > 1) Help files for all applications had to be translated to HTML > > (.chm) format, since Vista doesn't support the old (.hlp) format > > without problems even when the updated version is downloaded and > > installed by the user. > > > > 2) Rights have to be set correctly by the installation program on the > > installation directory if anything is to be written there by > > non-administrative users. > > > > 3) Nothing must touch anything but the Current_User key in the > > registry except at installation time by a user with administrative > rights. > > > > 4) Ini files must only be created and written to on directories to > > which a non-administrative user has appropriate rights. Nothing can > > be written to the Windows directory and to the partition on which it > > resides without Vista either objecting or blocking the write. > > > > The ($SETPEFLAGS $20} option for addressing more than 2GB memory in > > the .dpr under D7 caused a crash under Vista if the physical > > address space is greater than 2GB. > > > > Vista x64 has it's own problems, primarily if pointers are typecast > > to integer and the machine has more than 2GB of physical memory. > > Cardinals had to be used instead for pointer arithmetic. But this > > applied to XP x64 too. > > > > There are lots more, but those were the main changes I had to make in > > my apps in Delphi 7. I didn't attempt to get Delphi 7 itself running > > under Vista. If anyone has any experience with that, please describe > > your experience, especially if you used MS's KB932246 two > > compatibility routines for x32 and x64 Vista systems. > > > > Irwin Scollar > > > > _______________________________________________ > > Delphi mailing list -> [email protected] > > http://www.elists.org/mailman/listinfo/delphi > > > > > _______________________________________________ > Delphi mailing list -> [email protected] > http://www.elists.org/mailman/listinfo/delphi _______________________________________________ Delphi mailing list -> [email protected] http://www.elists.org/mailman/listinfo/delphi
