Justin,

That all makes sense, but don't you think there is something wrong here?
Like for example let's look at the UAC for example in this case.

If you read any of the KBs and this is what I did suggest to Dale, but it
obviously did not work for him. When developing anything in VS2005, you must
be running as an Administrator and the user must be in the Administrators
group as described by the KB articles and run VS2005 with 'run as an
administrator'. Now if I read that right, I can then develop an application
install it into the program files directory and if all goes well by the KB
that application should be running as an elevated administrator.

Now that begs the question, why the hell does a developer need to go to that
lengths to develop an application that then has full control of that area of
the system, what is it actually stopping? In my opinion it's not stopping
anything at all, and is just proving that the UAC is a waste of space.

Unless there is something I am missing of course.



Andrew Scott
Senior Coldfusion Developer
Aegeon Pty. Ltd.
www.aegeon.com.au
Phone: +613  8676 4223
Mobile: 0404 998 273



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Justin Carter
Sent: Friday, 13 April 2007 12:21 PM
To: cfaussie
Subject: [cfaussie] Re: OT: Vista Application


On Apr 13, 10:35 am, "Dale Fraser" <[EMAIL PROTECTED]> wrote:
> My point exactly, if stopping you putting data into program files is
> supposed to stop you accessing applications some how, then people start
> installing outside program files, then nothing has been stopped.

The point is that applications installed to Program Files can be
trusted, and apps installed outside it cannot.

If writing to Program Files requires a privilege elevation through
UAC then it is hard for a virus to compromise an application which you
trust. And when you run a trusted application as Administrator and
agree to the privilege elevation through UAC you want to be safe in
the knowledge that you *really* trust the app to do what it needs to
do.

If an app has become compromised because it was stored outside Program
Files and you run it as Administrator then you are in deep trouble,
because you have given a free ticket to any injected code to do what
it likes with your system (to a certain extent).

I'm sure we'll hear horror stories about ignoring best practices or
turning off UAC in the months and years to come. It is inevitable
really... But that's just my 2c. It's there for our protection, not to
piss us off; really it's not ;)

--
Justin
http://www.madfellas.com/blog
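
The thread turns on whether an install folder can be modified without elevation. The PowerShell below is an added example, not part of either message: it reads a folder's ACL and reports allow rules that grant write-type rights to standard-user groups. The folder list is an assumption, and `C:\Apps` is a hypothetical install root outside Program Files.

```powershell
# Added example: report install folders whose ACL lets standard users change files.
# $InstallDirs is an assumption; 'C:\Apps' stands in for any install root outside Program Files.
$InstallDirs = @($env:ProgramFiles, 'C:\Apps')

# Well-known SIDs whose membership includes non-elevated users.
$LowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Rights that allow planting or replacing a binary. Modify and FullControl are
# left out of the mask on purpose: they share bits with read access, and any
# rule granting them also sets the write bits listed here.
$Fsr = [System.Security.AccessControl.FileSystemRights]
$WriteMask = [int]($Fsr::Write -bor $Fsr::Delete -bor $Fsr::DeleteSubdirectoriesAndFiles -bor $Fsr::ChangePermissions -bor $Fsr::TakeOwnership)
# Raw GENERIC_WRITE / GENERIC_ALL bits, which Get-Acl reports as plain numbers.
$GenericMask = 0x40000000 -bor 0x10000000
$SidType = [System.Security.Principal.SecurityIdentifier]

foreach ($dir in $InstallDirs) {
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Output "SKIP   $dir (not found)"
        continue
    }
    # Explicit and inherited rules, with identities returned as SIDs so the
    # match does not depend on localized group names.
    $rules = (Get-Acl -LiteralPath $dir).GetAccessRules($true, $true, $SidType)
    $hits = foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        $rights = [int]$rule.FileSystemRights
        $isAllow = $rule.AccessControlType -eq 'Allow'
        if ($isAllow -and $LowPrivSids.ContainsKey($sid) -and ($rights -band ($WriteMask -bor $GenericMask))) {
            "{0}: {1}" -f $LowPrivSids[$sid], $rule.FileSystemRights
        }
    }
    if ($hits) {
        Write-Output "WEAK   $dir"
        $hits | ForEach-Object { Write-Output "         $_" }
    } else {
        Write-Output "OK     $dir (no write grant to standard users)"
    }
}
```

The check reads only the top-level folder's allow rules; it does not evaluate deny entries or the ACLs of individual files beneath it.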



