Windows Security Forced down developers troaths.
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
Give your app elevated privileges and load it as a service at startup, it will run with the admin security token. Then have it communicate with whatever user space component you use for the UI and you'll have all of the security that's available without the nagging questions. What is your application doing that requires admin level access?
All of my software is powered by a single Watt.
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
I never develop desktop applications, but even I know that you can completely disable UAC (security prompts) via a Group Policy. You might also like to know that there is Windows Embedded, which is a OS that is precisely designed for building industrial/POS/whatever appliances. It should be your job to know that stuff. I provided you with at two viable options, and one is immediately applicable to existing Vista/7 machines. Where do I send the invoice? :D At any rate, it seems to me that you are a bit behind schedule, as the same "new" security model has been around since Vista and you had plenty of time to change your application to comply with it. Actually, XP and its predecessors encouraged developers to write crap everywhere in the system, causing all sorts of security and stability problems. Vista and 7 force developers to write only in a few pre-defined places, and if the application needs to write somewhere else, then the user has to authorize the operation. I'm a developer, but I'm also an end-user, and I think that UAC was the right thing to do to protect users from both themselves and malicious (or simply badly-written) programs. In other words, the fact that previous OS versions allowed you to do nasty things doesn't mean that you should be allowed forever. I would architect the application so that it doesn't require special permissions to the user, and all "elevated" code runs in a service (as others suggested).
If you truly believe you need to pick a mobile phone that "says something" about your personality, don't bother. You don't have a personality. A mental illness, maybe, but not a personality. [Charlie Brooker] ScrewTurn Wiki, Software Localization Tools & Services and My Blog
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
Hi! As others have mentioned, there are many resources on the net discussing the security model in detail and telling you what to do if you don't need/want the default settings. If you haven't been able to read and understand these options in almost 5 years now then you're really way behind.
Regards, mav -- Black holes are the places where God divided by 0...
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
In addition to the excellent suggestions already given you might want to investigate 'kiosk mode' operation since that mode aims to overcome many of the same problems as your situation. I do not think it would be an exact match but it might give you a few ideas. The first answer in this[^] thread has several links to get you started. Also, some information on SteadyState[^].
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.” I wouldn't let CG touch my Abacus! When you're wrestling a gorilla, you don't stop when you're tired, you stop when the gorilla is.
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
Yes, you can get around the Windows 7 security stuff by turning off the UAC and having the system boot into an admin account that doesn't have a password. HOWEVER, if your application requires admin access to run, or requires that the UAC be turned off, then maybe you should refactor your app.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass." - Dale Earnhardt, 1997 -
Give your app elevated privileges and load it as a service at startup, it will run with the admin security token. Then have it communicate with whatever user space component you use for the UI and you'll have all of the security that's available without the nagging questions. What is your application doing that requires admin level access?
All of my software is powered by a single Watt.
Been there, do that with our current product. Our architecture was already that style, so adapting to Win7 wasn't terribly painful. The worst part was our product stores a fair amount of configuration information in the registry under
HKEY_LOCAL_MACHINE, which is virtualized to a key underHKEY_CURRENT_USERfor user applications. This means our services and our UI app couldn't share this information, so we cheated. We now have a service that the UI talks to via a TCP/IP socket when it needs to access the registry underHKEY_LOCAL_MACHINE. One bit of serendipity is that we have a registry class that wraps the Win32 registry API. Now, when the app runs under Win7, it talks to the service instead. None of the UI application needs to be aware that the registry service even exists. We don't even notice the difference in performance, since we don't do registry access all that frequently, and the operations have only gone from dozens of microseconds to a couple hundred. Oh, and our application continues to run without requiring elevated privileges as a 'normal' user.Software Zen:
delete this; -
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
Why does Microsoft set all this up by default?? Because in the past they've been ripped up in the media for NOT having it secured by default. Admins who didn't know what they were doing were put in charge of setting up all kinds of stuff and not securing any of it. Then schmucks come by with nothing better to do and just hack into it and cause all sorts of damage or write viruses and unleash them on unsuspecting users. Bascially, MS was forced to secure everything by default to protect the innocent from themselves.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak -
Been there, do that with our current product. Our architecture was already that style, so adapting to Win7 wasn't terribly painful. The worst part was our product stores a fair amount of configuration information in the registry under
HKEY_LOCAL_MACHINE, which is virtualized to a key underHKEY_CURRENT_USERfor user applications. This means our services and our UI app couldn't share this information, so we cheated. We now have a service that the UI talks to via a TCP/IP socket when it needs to access the registry underHKEY_LOCAL_MACHINE. One bit of serendipity is that we have a registry class that wraps the Win32 registry API. Now, when the app runs under Win7, it talks to the service instead. None of the UI application needs to be aware that the registry service even exists. We don't even notice the difference in performance, since we don't do registry access all that frequently, and the operations have only gone from dozens of microseconds to a couple hundred. Oh, and our application continues to run without requiring elevated privileges as a 'normal' user.Software Zen:
delete this;Uhh, couldn't you just change the security on the registry key if you want to grant access to all users? Seems way easier than installing a service to me...
-
Uhh, couldn't you just change the security on the registry key if you want to grant access to all users? Seems way easier than installing a service to me...
Unfortunately, no. Windows 7 virtualizes (redirects) access to
HKEY_LOCAL_MACHINEby user applications. Write operations go to the virtualized key underHKEY_CURRENT_USER. Read operations come from the virtualized key if the subkey exists, and from the global version otherwise. This change in functionality isn't triggered by security, but a fundamental change in behavior.Software Zen:
delete this; -
Unfortunately, no. Windows 7 virtualizes (redirects) access to
HKEY_LOCAL_MACHINEby user applications. Write operations go to the virtualized key underHKEY_CURRENT_USER. Read operations come from the virtualized key if the subkey exists, and from the global version otherwise. This change in functionality isn't triggered by security, but a fundamental change in behavior.Software Zen:
delete this;Uhh, you know that you can turn off virtualization in the app manifest? In fact, having any UAC manifest at all will disable virtualization. It's only there for compatibility with WinXP applications that store their settings in HKEY_LOCAL_MACHINE despite not being intended for use my multiple users. You can use task manager to see if a process has virtualization enabled (View > Select Columns > UAC Virtualization).
-
Uhh, you know that you can turn off virtualization in the app manifest? In fact, having any UAC manifest at all will disable virtualization. It's only there for compatibility with WinXP applications that store their settings in HKEY_LOCAL_MACHINE despite not being intended for use my multiple users. You can use task manager to see if a process has virtualization enabled (View > Select Columns > UAC Virtualization).
Unfortunately we can't do that in our environment. Our application is required to run un-privileged. We've reviewed any number of techniques to get around this issue with some of our more clinically paranoid security-conscious customers, and they nixed anything that sounded like disabling or defeaturing UAC (even on a per-process basis).
Software Zen:
delete this; -
Uhh, couldn't you just change the security on the registry key if you want to grant access to all users? Seems way easier than installing a service to me...
Services are not that much extra work, there are just a few guidelines to follow and supporting a modest message handling interface. They are excellent for background tasks, especially in the context that Gary described. I can see your point about the simplicity in the solutions you have suggested. I think the general problem is most developers dont understand what they're mucking with to begin with when they are playing with the files in /Windows, /Public Files, or HKEY_LOCAL_MACHINE registry. They are all just a means to an end, and I am sure that leads to quite a bit of the instabilities that people experience with Windows (not all :)) I am pretty happy with the security mechanisms that MS has put in place. None of the issues are insurmountable to work around without disabling them. These features aren't all that different than user and group level access to files and directories found in UNIX and LINUX variants.
All of my software is powered by a single Watt.
-
Unfortunately we can't do that in our environment. Our application is required to run un-privileged. We've reviewed any number of techniques to get around this issue with some of our more clinically paranoid security-conscious customers, and they nixed anything that sounded like disabling or defeaturing UAC (even on a per-process basis).
Software Zen:
delete this;Having a UAC manifest does not imply your application is running privileged or will cause any prompt. It simply means "this program is compatible with Vista, turn off that damn virtualization". Here is an example manifest that turns off virtualization but does not cause any elevation or UAC prompt:
<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>By the way, this manifest is embedded by default in all new projects created with VS 2008 or higher. And don't worry about
uiAccess="false"- that doesn't mean your process can't display a UI, it just means your process cannot access the UI of other (elevated) processes. Edit: here's the documentation on UAC manifests: http://msdn.microsoft.com/en-us/library/bb756929.aspx[^] -
Been there, do that with our current product. Our architecture was already that style, so adapting to Win7 wasn't terribly painful. The worst part was our product stores a fair amount of configuration information in the registry under
HKEY_LOCAL_MACHINE, which is virtualized to a key underHKEY_CURRENT_USERfor user applications. This means our services and our UI app couldn't share this information, so we cheated. We now have a service that the UI talks to via a TCP/IP socket when it needs to access the registry underHKEY_LOCAL_MACHINE. One bit of serendipity is that we have a registry class that wraps the Win32 registry API. Now, when the app runs under Win7, it talks to the service instead. None of the UI application needs to be aware that the registry service even exists. We don't even notice the difference in performance, since we don't do registry access all that frequently, and the operations have only gone from dozens of microseconds to a couple hundred. Oh, and our application continues to run without requiring elevated privileges as a 'normal' user.Software Zen:
delete this;I wouldn't call it serendipity at all, it seems to me that was the right design to use and you simply created a solution that just "Works". Applications shouldn't require elevated privileges to run, it just causes all sorts of incompatibilities. Visual Studio for instance, I occasionally use this plug-in that doesn't function properly unless I start VS in admin mode (on Vista). Well by doing that, all of the other user mode apps that I am running, including Windows Explorer can't properly interface with VS anymore. Drag-and-Drop file support from and open explorer window onto VS will fail becaues of the differences in security levels.
All of my software is powered by a single Watt.
-
Services are not that much extra work, there are just a few guidelines to follow and supporting a modest message handling interface. They are excellent for background tasks, especially in the context that Gary described. I can see your point about the simplicity in the solutions you have suggested. I think the general problem is most developers dont understand what they're mucking with to begin with when they are playing with the files in /Windows, /Public Files, or HKEY_LOCAL_MACHINE registry. They are all just a means to an end, and I am sure that leads to quite a bit of the instabilities that people experience with Windows (not all :)) I am pretty happy with the security mechanisms that MS has put in place. None of the issues are insurmountable to work around without disabling them. These features aren't all that different than user and group level access to files and directories found in UNIX and LINUX variants.
All of my software is powered by a single Watt.
A service is much more complex than turning off virtualization and granting permissions to a registry key. And when that service uses TCP sockets, you'll have to worry about security issues in that service - if not written carefully, it might be remotely exploitable.
Paul Watt wrote:
I think the general problem is most developers dont understand what they're mucking with to begin with
Yes, that's the problem. Almost no one bothers to understand UAC before trying to find workarounds for it. Some reading of the UAC documentation[^] would have helped eliminating some elaborate workarounds. The above combined with some knowledge of the Windows Task Scheduler could probably get rid of half of the "updater" background services currently running on my machine.
-
Having a UAC manifest does not imply your application is running privileged or will cause any prompt. It simply means "this program is compatible with Vista, turn off that damn virtualization". Here is an example manifest that turns off virtualization but does not cause any elevation or UAC prompt:
<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>By the way, this manifest is embedded by default in all new projects created with VS 2008 or higher. And don't worry about
uiAccess="false"- that doesn't mean your process can't display a UI, it just means your process cannot access the UI of other (elevated) processes. Edit: here's the documentation on UAC manifests: http://msdn.microsoft.com/en-us/library/bb756929.aspx[^]Thanks, Daniel. I'm going to look into this when I get into work tomorrow. I'm afraid that when I did my original research, I didn't find any mention of doing this with a manifest, other than signaling that my app requires admin privileges, which I'm not allowed to do. The hard part may be telling my minion that his four weeks on work on the registry service :wtf: (I can hardly believe it myself) are being chucked in the can.
Software Zen:
delete this; -
I wouldn't call it serendipity at all, it seems to me that was the right design to use and you simply created a solution that just "Works". Applications shouldn't require elevated privileges to run, it just causes all sorts of incompatibilities. Visual Studio for instance, I occasionally use this plug-in that doesn't function properly unless I start VS in admin mode (on Vista). Well by doing that, all of the other user mode apps that I am running, including Windows Explorer can't properly interface with VS anymore. Drag-and-Drop file support from and open explorer window onto VS will fail becaues of the differences in security levels.
All of my software is powered by a single Watt.
Think the comments in this thread sums up the lack of sensible design by the Microsoft developers. If the people who are going to write for the system can't understand its complexities (or don't have time to learn them!) then that in itself is a very real security risk. Comments here show that. The best security is simple security that people understand!
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
Hmm sounds like a perfect job for Linux. Have you ever considered using Linux?
The best way to accelerate a Macintosh is at 9.8m/sec-sec - Marcus Dolengo
-
Hi, We run a small business, providing Sales Terminals, ShopFloor Terminalst etc. for European Laundrettes and Drycleaners. None of the terminals are likely to be connected to the Internet, the vast majority are Stand Alone, a few have several terminals (Limited to 16), which operate over the network on a File Share basis. It is one of the licensing conditions that each machine has No other software installed but which came witht the OS, and that no machine is attached to an external network. The first version was developed for DOS, we went thru Win 3.1(Great Improvement), Win95/98 (Hard Job, but worth the Effort) to Windows XP. Here it realy excelled. The NT File System was a major improvement, Getting Rid of 'Sections' and a Flat Memory Model took a while to weed out, but the benefits were clear to see. Then we got Vista. Prior to Vista, we had Computers, owned by the business, organised around our More than Adequate security Model, but, Vista interfered, demanding Confirmation at every Step. We immediately dismissed Vista, it is still on our list of Un-Supported Systems. At the moment we have an 'Unsurpassed Supply' of Windows XP Computers, which we recycle, retaining the Windows XP OS. Now, This will come to an end, sooner or later. Does anyone have any idea how to knobble the (un wanted) Windows 7 Security System, so as to allow me to Create,Write and Modify ANY File or Registry Entry, without an Inappropriate Security question inbetween. Microsoft has developed an Operating system that is geared around the likes of Insurance Sales men, Dipping In and Out of office boots, and by logging in, getting their personal settings back, wherever in the world. The businesses we supply to have vastly different requirements, the main one being, that it has One and only One Administrator, an No Other User Accounts. I can fully understand the benefit of Windows Security for the type of application where internet activity is expected, however, why is that aditional security not offered as an installation option, so that those who deem they do not need it, can avoid it. That type of Security Architecture, when it is enforced ( Vista Win 8) rather than Optional (Win XP) is precisely what is causing people to recycle Old Software, start looking at Linux, etc. Seeing all the CutBack versions of Win7 now for sale, Why can MS not supply a Version, with No Security Restrictions, and a Free Access for All on a small LAN.(mayBe blocked from running WAN and INET options) There is a Lot of activity around the world
You've said your application shouldn't run with elevated privileges, but you seem to then want it to do things that require elevated privileges. To be frank, are you sure the problem is the design of the Windows security model rather than the design of your application? I can't say I quite understand why a shop floor application would ever need to do things with which the Windows security model would interfere. Why are you storing user-level data in places that create UAC prompts? The entire "one, administrative user" model is so clearly flawed I am very surprised you are still going down that road when modern operating systems allow you to do better. Do you really want users on the shop floor running as administrators? I should think not; the administrative account should only be used by, well, you, when you are installing and configuring this stuff, and the application itself ought to be running as a regular, non-privileged user, always. Security protections, including UAC, aren't just about the Internet, they are also about the users, the public, whoever is using the computer, and what they can do to the machine. I should think you'd be well aware that users will do just about anything they can to a computer system, and in that regard, Windows 7 is a vast improvement over earlier operating systems in which systems of the type you describe had no way of truly locking them down. So I think you'd need to provide a little more explanation or justification before you've demonstrated that Windows is actually the real problem here.