VS2005/Vista issues
in [MFC]
|
From: David Wilkinson on 9 Jun 2007 07:07 David Ching wrote: > "Joseph M. Newcomer" <newcomer(a)flounder.com> wrote in message > news:reak63lhj9b6crv83kg4ve912hk1b4nras(a)4ax.com... >> OK. But this will let me normally run with the lower privileges of an >> ordinary user most >> of the time, then? > > Exactly. In Vista, there's no difference between an Admin user and a > Limited user, other than whether you need to provide an Admin password when > elevation is required or whether you just need to click Continue. David: There is a bit more difference than that. When the standard user supplies a password, the elevated process runs in the context of the admin user rather than the original standard user. In particular, if the process writes to HKCU or the Documents folder, then these writes will not be seen by the original user. This is why installation programs that require admin rights should never write to HKCU or the Documents folder. For sophisticated users, I think UAC is a great thing, because it allows them to run safely from an admin account. For unsophisticated users, I'm not so sure, because they may just find UAC annoying and either turn it off or get in the habit of always clicking OK without thinking. -- David Wilkinson Visual C++ MVP
From: David Ching on 9 Jun 2007 10:43 "David Wilkinson" <no-reply(a)effisols.com> wrote in message news:eFX4t3nqHHA.4280(a)TK2MSFTNGP05.phx.gbl... > There is a bit more difference than that. When the standard user supplies > a password, the elevated process runs in the context of the admin user > rather than the original standard user. Thanks, I had not known that! > For sophisticated users, I think UAC is a great thing, because it allows > them to run safely from an admin account. For unsophisticated users, I'm > not so sure, because they may just find UAC annoying and either turn it > off or get in the habit of always clicking OK without thinking. > UAC is certainly an imperfect solution that no one should feel very proud of. -- David
From: Alexander Grigoriev on 9 Jun 2007 14:51 Actually there is BIG difference. A "limited" process running under administrator account can open a handle to an "elevated" process with full access rights and screw with it any way it wants - run a remote thread, inject code, etc. It's like being on the other side of the fence, but still having a key to the gate. So it's just an illusion of protection. A process running under "true" limited user CANNOT open handle to an administrator process. It even cannot send arbitrary windows messages to it. "David Ching" <dc(a)remove-this.dcsoft.com> wrote in message news:%4qai.7287$u56.6575(a)newssvr22.news.prodigy.net... > "Joseph M. Newcomer" <newcomer(a)flounder.com> wrote in message > news:reak63lhj9b6crv83kg4ve912hk1b4nras(a)4ax.com... >> OK. But this will let me normally run with the lower privileges of an >> ordinary user most >> of the time, then? > > Exactly. In Vista, there's no difference between an Admin user and a > Limited user, other than whether you need to provide an Admin password > when elevation is required or whether you just need to click Continue. > > >> I'm still struggling with all this privilege stuff, but I want to be >> testing in a "normal" user environment most of the time. So I really >> want the extra >> step---I've found that I don't need it *all* that often, so I'm trying to >> create a >> realistic test environment, but when I need it, I don't want to have to >> give the password. >> So I'll do as you suggest. > > Yeah, this will work perfectly for you. > > -- David > >
From: David Ching on 9 Jun 2007 16:29 "Alexander Grigoriev" <alegr(a)earthlink.net> wrote in message news:%23uYYLjsqHHA.1220(a)TK2MSFTNGP04.phx.gbl... > Actually there is BIG difference. A "limited" process running under > administrator account can open a handle to an "elevated" process with full > access rights and screw with it any way it wants - run a remote thread, > inject code, etc. It's like being on the other side of the fence, but > still having a key to the gate. So it's just an illusion of protection. > I know for a fact that an unelevated process running in an Admin account that sets a global keyboard hook (SetWindowsHookEx(WH_KEYBOARD_LL)) does NOT get notifications for keystrokes of an elevated process running in the same Admin account. So I would think that if an unelevated process tried to call CreateRemoteThread() for an elevated process, it would fail in the same manner, but I haven't tried it. -- David
From: Norman Diamond on 10 Jun 2007 20:29
"Anthony Wieser" <newsgroups-sansspam(a)wieser-software.com> wrote in message news:e2J4t9mqHHA.5092(a)TK2MSFTNGP04.phx.gbl... > "Joseph M. Newcomer" <newcomer(a)flounder.com> wrote in message > news:d7cj63l709jops1l9b8cve9gsrcn41hsqi(a)4ax.com... >> I spoke too soon about VS2005 Vista SP1 being more reliable; doing rather >> trivial single-threaded app debugging, I've managed to crash it six times >> in the last hour. >> >> It must be run as administrator, which requires an administrator >> password. What I'd like to do is set myself up to run as a normal user, >> but with the privileges of running as administrator whenever I want to >> with only the simple confirmation box (not the need to type in a name and >> password each time). Any possibility Vista supports something like this? > > I'm successfully running VS2005 sp1 on vista from a limited user account. I'm successfully running VS2005 SP1 with Vista hotfix on Vista without privileges, for various lengths of time. It does start running and runs for some random length of time. > I think only certain obscure debugging functionality actually requires a > full admin account. You mean that if you don't need obscure debugging functionality then Microsoft is lying when they put up that prompt recommending use of administrative privileges? I thought it was illegal or immoral to notice that Microsoft tells lies like that. But it doesn't matter. Debugging or not, when VS2005 SP1 with Vista hotfix runs on Vista successfully for some random length of time, it's a good thing, and all good things come to an end. Now, Dr. Newcomer *knows* how to overcome this. In principle, use Windows 2000 or Windows XP on the development machine, and use Vista on the target machine. You don't even need a serial link, this is user-mode stuff and you can copy the executables across the network. Well, that's the principle. In practice, the development machine has to be Windows XP, because Windows 2000 isn't Genuine. |