Thanks Mike, Plenty to run with there. Correct me if I'm wrong but it still seems the upshot is that non admins will not be allowed to make changes in these restricted directories? We are not so worried about multiple user switching as these files are generally only used for our customers to play with. They do sometimes evolve into production systems but even in this case our software can handle multiple user as we have a check in / out policy internal to the software which prevents concurrency issues. A common app folder would still be preferred but I am unable to find one.
I wonder how many users in the world have admin rights, certainly in the past a lot of people just curb all the access restrictions and make users admins. I'm not sure I've ever used any of the shades of grey privilege accounts, why make life hard for yourself. There in lays the difference between doing the right thing and doing the easy thing, maybe that's why communism failed. Simon -----Original Message----- From: Mike Dimmick [mailto:[EMAIL PROTECTED] Sent: 21 February 2008 23:57 To: Simon Topley; wix-users@lists.sourceforge.net Subject: RE: [WiX-users] Vista, C Root, Hello world, Windows 3.1 For some reason a lot of developers are having trouble with understanding UAC. UAC isn't just the prompt, it's a bunch of features designed to ensure only those things that need to run with high privilege do so, that other programs can't interfere with the high-privileged programs, and some additional features to try to help work around the changes for legacy programs. The best thing to do for any new code is not to be considered a legacy program. To do this, your programs - all of them - need a manifest describing their privilege requirements. The way to do this is described at http://msdn2.microsoft.com/en-us/library/bb756929.aspx. 99.9% of programs should be marked 'asInvoker', the remaining 0.1% which are actually used to administer your system marked as 'requireAdministrator', and anything that would require 'highestAvailable' should be split into a regular program that can run with normal privileges and a small bit that must run with administrative privileges, to configure those settings. You could, of course, simply set 'requireAdministrator' on everything and annoy your users every time they run the program with a UAC prompt. But it's against the spirit of trying to get everything running with the lowest privileges possible, so that if a remote code execution bug (at worst) is found and exploited, it can only trash the user's profile, not the whole system. Windows NT has always had a security system, it's just that most people didn't use it because it was too much bother, largely because applications expected to be able to write anywhere and failed in unusual ways if they couldn't. I used to use Windows XP as a standard user - I still do at work - and it can be a lot of pain. Vista UAC makes it much easier to run with low privileges most of the time and only invoke higher privileges when you need them. You're definitely on the right lines with moving files that all users need to write to the Common Application Files folder, but you should question whether all users on the same machine really need to write to the same file or registry key. There really is no harm in having separate configurations for each user, and it may surprise users if a setting changes because a different user changed it. You could get into really odd scenarios with Fast User Switching or Terminal Services, if settings can change under a running copy of the program. Modifying a file written by Windows Installer can have a surprising effect - it may not be overwritten when you install an upgrade, depending on when you schedule RemoveExistingProducts (I think). Modifying a key can be similar - there is no versioning involved, registry key updates always overwrite. I would recommend treating whatever is installed as immutable except by the next version of the installer. -- Mike Dimmick -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Simon Topley Sent: 19 February 2008 15:51 To: wix-users@lists.sourceforge.net Subject: [WiX-users] Vista, C Root, Hello world, Windows 3.1 Where do I begin... First off I suppose I should say hello, it's been ages since I posted as our lovingly tailored installers have been carefree for sometime now. Here is my problem... Vista. The information contained in this e-mail is likely to be confidential and may be legally privileged. It is intended only for the addressee. If you have received this message in error please notify the sender immediately at the above address. The disclosure, copying or distribution of this message or its contents without the prior approval of Wallingford Software is strictly prohibited. Wallingford Software is not liable for unauthorised disclosures nor for subsequent actions or omissions in reliance upon them. Registered in the UK, company no: 02288719 Wallingford Software Limited, Howbery Park, Wallingford, Oxfordshire, OX10 8BA ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ WiX-users mailing list WiX-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wix-users
