Vista User Account Control and Command Line Applications
(Moved to new blog…)
Share This | Email this page to a friend
Posted by Fredrik Haglund archive on March 19th, 2007 under Delphi |7 Responses to “Vista User Account Control and Command Line Applications”
Server Response from: dnrh1.codegear.com
RSS Feed
March 20th, 2007 at 6:41 pm
NOOOOOOOOOO!
Don’t ever write programs that check explicitly for admin privileges! That will only encourage ordinary users to do their regular work with admin privileges which is the prime root of evil^D^D^D^Dmost security issues existant with Windows today.
Most programs that initially appear to require admin privileges can be made to work by tweaking a few explicit file or registry permissions instead. If you check explicitly for admin group membership however you are effectively forcing users to run as admin and that’s the beginning of the end for anyone whose computer is even remotely connected to the outside world!
Please! Don’t advertise this stuff as best practice or anything like that! It is NOT!
It’s basically just like coding web pages for different browsers: Never check for individual browsers implicitly but check for the individual *feature* you’re trying to use instead - the reasoning in this case being that you never know when XYZ-browser might start supporting that feature. In the case of explicitly requiring admin privileges you’re assuming way too much. If you can then let your installer tweak the permissions for you rather than requiring blanket admin privs.
Thanks for listening and sorry for the rant…
March 20th, 2007 at 10:30 pm
Oliver,
Yes, I do agree with you that a developer should do as much as possible to make his applications to run as a Standard User.
And also it is of course better to check for a explicit privelege instead of if you are a member of the local administrator group.
What I try to get across in this blog post is:
1) I strongly recommend adding a manifest (with required execution level) to all applications to get rid of the compatibility feature called virtualization.
2) Microsoft recommend in their UAC cookbook that you never should use "require administrator" in manifest for command line tools. Instead you should abort execution with an exit code.
3) UAC splits the token into two parts if you have administrative priveleges and I wanted to show how to detect that.
/Fredrik
March 21st, 2007 at 12:34 am
Fredrik,
thanks for the clarification.
Point taken.
On to work.
Cheers,
Oliver
March 21st, 2007 at 7:41 pm
>> With an earlier Delphi release you can manually create and include the manifest.
Can you provide any more information or links on how to create a manifest for an existing application? I can’t seem to find information for the steps needed say for a Delphi 2006 win32 application.
March 21st, 2007 at 7:52 pm
Hi Mark,
Please have a look at one of my blog posts from december. I have recorded a session about UAC that I gave at the Oslo Delphi Club and slides and example application for BDS2006 can also be downloaded.
/Fredrik
July 6th, 2007 at 3:26 pm
I’ve a tray application developed in delphi6. The application on double click or from pop up menu launches an asp page, which contains frames. One of the frames contains the activex control. which responds to all user request. Now my problem is that vista doesn’t allow this activex control to update db and other operations which uses registry access. If I disable the protect mode or run application as administrator the application fails to launch the web browser at all.
While seeking the solution of this problem I came across you article and added manifest in both of my application and activex control. But, the problem persist in both the cases that when I run this application as administrator or set the privilege level as highestavailable/requireadministrator, my application fails to launch web browser at all. And if I set the requestexecutionlevel as asinvoker my active control fails to interact with db and registry.
Please help me out of this…..
July 8th, 2007 at 5:01 pm
Imran, I’m sorry but you will have severe problem to get that to work because of the new protected mode in Internet Explorer.
Everything within IE will run in a sandbox and the ActiveX will not be allowed to access file system or registry.
The only thing I have left to suggest is if add the site that hosts you asp pages and ActiveX controls to the list of trusted sites in IE and try.
/Fredrik