ANS: "What's the deal with UAC (Windows Needs Your Permission screens)" and "...But I thought I was

Discussion in 'Windows Vista Administration' started by Jimmy Brush, Jul 31, 2006.

  1. Jimmy Brush

    Julian Guest

    I understand the basic principle of not wanting programs to run unchecked.
    My problem is that I cannot even download certain programs, let alone
    install and then run them.
    I have a Cruzer thumb drive that prompted me that a Vista update was
    available, but when I clicked on the install link, I got a download dialogue
    box stating that it appears that I do not have administrative rights, so I
    could not even download the update. This is very frustrating.
    How does this get bypassed in Vista Home Premium ?
    I was also not allowed to add a network printer.
    Is there a better way ? I am the sole user of my personal laptop and Vista
    came preloaded.
    Thanks,
    Julian
     
    Julian, Aug 19, 2007

  2. Jimmy Brush

    AJR Guest

    Whew! Lots of UAC info, however one very UAC function has not been addressed
    (unless I missed some info). UAC works hand-in-hand with IE 7 to provide
    IE's "protected mode" (only in Vista).

    "Protected mode" assures that any downloads from the Internet are routed to
    the temp offline, or other temp, folder. If it is an application it verifies
    whether or not the download will access protected system files such as the
    Registry. If so UAC creates "virtual" system file/Registry locations to
    which it directs the download action - once UAC verifies that the download is
    OK - it will permit it to access system files.
     
    AJR, Aug 19, 2007

  3. Jimmy Brush

    johns Guest

     
    johns, Dec 17, 2007
  4. Jimmy Brush

    johns Guest

    gets permission for a program that you have installed it stops asking every
    time you boot up. That is why I will stop using it. I don't think it's built
    right yet; it still needs some work.
     
    johns, Dec 17, 2007
  5. This is a misconception that many people have.

    When a program asks for your permission to run with a UAC prompt, this means
    that program is asking for complete and unrestricted access to every part of
    your computer. This keeps you in control of what is happening on your
    machine.

    If you were able to allow access for this program to run, without notifying
    you, it would be very easy for a separate, malicious program to gain access
    to your computer by 'piggybacking' on this program's unrestricted access.

    At this point, it would no longer be 'your' computer.
     
    Ronnie Vernon MVP, Dec 19, 2007
  6. If another application launches the trusted application, Ronnie, the user can
    be notified that this is the case. The hijack can then be allowed or denied by
    the user. Further, if the CRC of the trusted application changes, the user can
    be notified that's so, and if there is no reason it should have changed it can
    be forbidden to run by the user. Maybe this is rocket science, but if Sygate could
    accomplish it with their firewall, then I suppose Microsoft could accomplish it
    with their UAC. It was simpler to put more of a burden on the user - showing
    a lack of consideration for the user meant less coding effort. They chose.
     
    Michael Jennings, Dec 19, 2007
  7. Jimmy Brush

    Mark Guest

    The misconception is that this method works.

    1. The user is frustrated with this method, because:
    a. Doesn't understand why three prompts must be answered to delete a
    file in the Programs(x86) folder.
    b. No useful information is provided in any of the prompts as to what is
    really being done that requires permission.
    e.g. "A change to the Programs(x86) folder has been initiated by
    program xxx."
    "Program xxx is attempting to create a directory under
    C:\Users\UserName."

    Instead we get something like, "Administrator privileges are
    required for this function. Do you wish to continue?"
    What function?

    2. End result:
    a. "Of course I want to Continue." Click

    3. All that MS has done is protect themselves by giving themselves the
    ability to state, "You were warned by a prompt that 'something' was
    happening and you clicked 'continue.' It's not our fault."

    I've stated this before:
    Put UAC on your car's ignition switch.
    When you select Start, you get a prompt on the Speedometer glass,
    "Owner's permission required to continue. Do you wish to continue?"
    And you can feel safe that your car can never be used without your
    permission by those nefarious individuals out there.
     
    Mark, Dec 19, 2007
  8. Mark

    If you are seeing more than 1 prompt for an action, these are not all coming
    from UAC. You are probably seeing an 'access denied' prompt first which
    comes from the 'Shell' because of the permissions that are set on the
    destination folder/file.

    You can click the Details button on the UAC prompt that shows the action is
    being initiated.

    You can also bypass the UAC prompt, depending on your use of the program. If
    this is an application that you are using constantly, you can create a
    Scheduled Task to start the program. Set it to start with certain triggers,
    such as at boot time or...., and set it to run with highest privileges.

    Your example of starting the car is a good one, but you forget that you have
    already proven ownership and given permission when you insert the proper
    key. This would only be a good example if every car was equipped with a
    toggle switch instead of a unique key. :)
     
    Ronnie Vernon MVP, Dec 19, 2007
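
A defender's view of the scheduled-task workaround described in the post above, as an added example that is not part of the original thread: a PowerShell audit that lists every task set to run with highest privileges (and so starts elevated with no UAC prompt) along with the Authenticode status of the program it launches. It assumes the ScheduledTasks module (Windows 8 / Server 2012 and later, so not Vista itself); the function name `Get-ElevatedTaskReport` is hypothetical.

```powershell
# Added example: report scheduled tasks that start elevated without a UAC prompt.
# Assumes the ScheduledTasks module (Windows 8 / Server 2012 or later).
# Run from an elevated session to see tasks owned by other accounts.

function Get-ElevatedTaskReport {
    foreach ($task in Get-ScheduledTask) {
        # RunLevel 'Highest' is the "Run with highest privileges" checkbox.
        if ($task.Principal.RunLevel -ne 'Highest') { continue }

        foreach ($action in $task.Actions) {
            # Only "start a program" actions carry an Execute path;
            # COM handler actions are skipped.
            if (-not $action.Execute) { continue }

            # Expand %SystemRoot%-style variables and strip surrounding quotes.
            $path = [Environment]::ExpandEnvironmentVariables($action.Execute).Trim('"')

            # Bare names such as "cmd.exe" are resolved via PATH at run time,
            # which this audit does not attempt; they are flagged for review.
            $sig = 'PathNotResolved'
            if (Test-Path -LiteralPath $path -PathType Leaf) {
                $sig = (Get-AuthenticodeSignature -LiteralPath $path).Status
            }

            [pscustomobject]@{
                Task      = $task.TaskPath + $task.TaskName
                RunAs     = if ($task.Principal.UserId) { $task.Principal.UserId }
                            else { $task.Principal.GroupId }
                Program   = $path
                Arguments = $action.Arguments
                Signature = $sig
            }
        }
    }
}

# Anything other than 'Valid' sorts to the top of the review list.
Get-ElevatedTaskReport |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Task |
    Format-Table -AutoSize -Wrap
```

Rows whose signature is not `Valid`, or whose program sits in a folder a standard user can write to, are the ones to review first: replacing that file changes what runs elevated, with no prompt shown.
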
  9. Jimmy Brush

    Mark Guest

    My car analogy was indicating a thief would bypass the ignition and still
    get the prompt where they simply click Continue.

    The other details are excellent information, but my point was regarding the
    "typical frustrated user."
     
    Mark, Dec 19, 2007
  10. I can't see what all the fuss is about with UAC. I've been running Vista
    for almost a year, and I rarely get a UAC prompt. Admittedly they were more
    common during the first couple of weeks, when I was installing all my
    software and setting everything up as I want it. Since then it has really
    been a non-issue.

    Tell you what helps: make your account an Administrator (don't worry, it
    still runs as a normal user), and set up UAC so you don't have to enter your
    password.

    That way you just need a single click to dismiss the UAC prompt, and -
    provided you are the sole user of your PC - there is no loss of security.

    Personally I'm quite glad when Windows warns me that something with security
    implications is about to happen.

    So:

    1/ UAC prompts warn you of possible security risks, so are A GOOD THING

    2/ They occur quite rarely, and just need a simple mouse click to dismiss

    So what on earth is all the fuss and moaning about?

    SteveT
     
    Steve Thackery, Dec 20, 2007
  11. Jimmy Brush

    Mark Guest

    PS.
    Why would the default permissions be set to prevent administrator use?
    It may not be UAC, but it is about as useful and the "regular frustrated
    Joe" ain't going to figure it out.
    Click... click... click... infected.
     
    Mark, Dec 21, 2007
  12. Jimmy Brush

    Jimmy Brush Guest

    Windows can't tell with any accuracy "if another application" is launching
    the application. That's why all the separation between admin vs. non-admin
    is necessary (UIPI, integrity levels, etc). Things that are running on a
    user's desktop can interact and intermingle to such a point that it isn't
    really possible to say "I know that process A, uninfluenced by any other
    process, is launching this trusted app at the user's request". That's why
    UAC is necessary, and why it is so important not to allow exceptions.
     
    Jimmy Brush, Dec 22, 2007
  13. Jimmy Brush

    Jimmy Brush Guest

    Hello,

    I would agree that UAC is frustrating (in some circumstances more than
    others), and your analogy is correct in the context of living, breathing
    users. Whoever is operating the computer while logged in is in control.

    Instead, UAC is there to protect users from programs ... it's there to
    ensure that the programs that are requesting admin power from the user are
    doing so at the request of the user.
     
    Jimmy Brush, Dec 22, 2007
  14. The guys working on the Principle Of Least Authority are aware that
    there are still problems with their system of dealing with malware,
    which is to let it run but confine it so strictly it can't do anything,
    however they have made progress. If Microsoft is too confused
    to adequately deal with the situation, HP labs is apt to step in:
    http://www.hpl.hp.com/techreports/2003/HPL-2003-191.html
     
    Michael Jennings, Dec 22, 2007
  15. Jimmy Brush

    mayayana Guest

    There's a certain logic to that, but if that's the way
    you view your software - as "requesting admin power
    from the user", then you probably need to reassess
    what you're installing. I have all sorts of programs
    installed. In all cases, I want the software to do whatever
    it "thinks" is necessary. It's a tool in my service. If I
    didn't feel that way I wouldn't keep the software!
    In the meantime, I want Windows to be a software
    *platform*, not a decision maker.

    There's nothing wrong with running under very high
    security, especially if you're in a vulnerable network
    scenario, but to tell others that they *should* do
    as you do borders on religion.
     
    mayayana, Dec 22, 2007
  16. Jimmy Brush

    Jimmy Brush Guest

    But, Windows is not making any policy decision. UAC has nothing to do with
    deciding what should run on the system.

    All it is doing is enforcing what you are doing. If you are starting a
    program that is requesting admin access, you are expected to click continue
    :). The only time there is a bit of "warning guidance" is when the program
    being launched is unsigned, in which case the OS cannot guarantee that the
    program that you are launching hasn't been replaced by some malware when it
    gets executed.

    UAC is protecting you when either a program would launch that you did not
    start, and you click cancel, or you notice a different looking prompt for a
    program that you expected to prompt (a normal signed prompt vs. an unsigned
    prompt, for example), and you click cancel.

    This certainly does not stop you from running malware, it just stops stuff
    from running that you did not start. UAC allows other really cool things to
    work, like programs isolated into separate privilege levels on your desktop,
    and it also works in conjunction with other more traditional security
    products to create multiple levels of security.

    And for what it's worth, I could care less if others do as I do ... I would
    just like people to really understand what UAC is doing before they decide
    to turn it off :).
     
    Jimmy Brush, Dec 22, 2007
  17. Jimmy Brush

    Jimmy Brush Guest

    I think that some incarnation of UAC is a very important part of least
    privilege. Somehow, the OS has to be *certain* that the user is at the root
    of any action that is being initiated on their behalf. That is what UAC is
    really doing, albeit at a coarse level as you described. I would be very
    pleased to see a better implementation of it, regardless of who comes up
    with it.
     
    Jimmy Brush, Dec 22, 2007
  18. Jimmy Brush

    mayayana Guest

    > But, Windows is not making any policy decision. UAC has nothing to do with
    Those are decisions made by Windows without
    my approval. I clicked an icon. That tells Windows
    "run this program". I didn't ask it to ask me for
    confirmation ... I don't want to hear about Microsoft's
    "digital signature" scam ... I don't want to be reminded
    that my crash helmet chin strap should be tightened
    before proceeding ... I just want to run the darn
    software! I'll worry about the malware, Thank-You-Very-Much.

    If Microsoft wants to help prevent malware infections,
    they could create one nag that would actually help:

    Put a big red button on
    Internet Explorer. Clicking the button would show a message
    that says, "You are about to enable scripting. Are you sure
    you want to do that? You should only enable scripting
    when absolutely necessary." Then, even if scripting is
    enabled, it will be disabled at the next website.

    And of course, the setting to disable that nag will
    be hidden somewhere like:

    HKLM\Software\Microsoft\Internet Options_
    IExplorer\JScriptWarningOptions\Security_
    ToolBarButton\DisableJSCriptWarningToolbarButton

    Then setting the value DisableJSCriptWarningToolbarButton
    to the DWORD value of 16439 will return control of
    browser scripting to the user. :)
     
    mayayana, Dec 22, 2007
  19. Jimmy Brush

    Jimmy Brush Guest

    If you don't care what runs on your machine with elevated privilege, by all
    means turn it off :).

    My only points were that UAC does in fact guarantee with a high degree of
    certainty that only the programs you run will have admin access to your box,
    and by using digital signatures UAC can even guarantee that the program that
    you are about to elevate is in fact the program the prompt says it is, and
    without UAC you have absolutely no control over what runs with elevated
    privilege and what doesn't (everything runs with elevated privilege,
    assuming of course you are logged in as an admin).
     
    Jimmy Brush, Dec 22, 2007
  20. Jimmy Brush

    Jimmy Brush Guest

    > I clicked an icon. That tells Windows
    This is a common misconception people have :).

    I think this is the main reason people have a hard time grasping UAC, is
    because they believe this to be true, and at first glance it does seem like
    this would be something obvious the computer should be able to do without
    any problems.

    Unfortunately, it isn't ... Windows does not know that you are the one
    starting a program even if you double-click on it in explorer. That is
    exactly why UAC prompts you, to ascertain this.

    If this could be done without a prompt, it would be very cool indeed, and
    then the only prompt that would be needed would be the case where the
    program is unsigned.

    However, this is a much bigger technical problem than it appears at first
    glance.
     
    Jimmy Brush, Dec 22, 2007