• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

The Great UAC Debate!

UAC  

1,263 members have voted

You do not have permission to vote in this poll, or see the poll results. Please sign in or register to vote in this poll.

Recommended Posts

Dashel    542
I'm really not sure why this is such a big deal. People who want UAC enabled should leave it enabled. Those who want it disabled (myself included) should disable it.

Next :)

+1

I'll also echo how annoying general customization (like the 'new' Start menu folder system) is with UAC enabled. They made it harder to organize due to folder restructuring then add in UAC and you are pretty much forced to use the new search feature to find anything. (N)

Share this post


Link to post
Share on other sites
ozgeek    157

My result from the poll:

Do I use UAC? No.

Do I run admin account? Yes

I do understand the purpose of UAC but I don't care.

Share this post


Link to post
Share on other sites
abcdefg    0
How else do you suggest any OS protect against their users installing crap? If the user decides to do something (and they have Administrator access), they are damn well going to do it.

No admin access to users.

Application installations generally require admin privileges by design. Administrators don't want their users installing applications without their permission (or at all, really). Application installs generally affect the entire machine.

B-a-d design, completely destroys security. Holy donkey, if application install affect the entire machine then that is just retarded.

If user has access to any place of course it's possible to run portable applications. In that case it's completely irrevelant whether a user has admin or limited access. Whitelists are meant to restrict that.

gain you are speaking from ignorance. If UAC is disabled, there is no way for one application to have different levels of access than another application. If UAC is disabled, any application can take ownership of any file on any drive of the system, and do with it as it pleases. Any application can manipulate, read data from, or inject code into any other application in the user's session.

Well I am not even using Vista right now but are you seriously suggesting that prior Vista there isn't any separation between applications launched with admin credentials or LUA? Huh, that would be every admin's nightmare. I know that I can't delete or alter my music files etc. without admin account. So programs that I run from my account can't touch them. If they can, then obviously Windows is completely screwed up.

This is an excerpt from

http://blogs.msdn.com/oldnewthing/archive/...7.aspx#comments

I so miss the good old dos days where things were simple and most applications weren't messing your OS structures and configuration.

What you get now, is that every dev thinks that it's cool to write 'gold' to registry on every users machine and leave that 'gold' behind. Every dev tries to use COM's to kill flies. And don't let me start on MSI. I think the fact that VS2005SP1 ~300MB (by Microsoft) cannot be installed with 5GB of free space on HDD and ruins the whole system when out of space tells everything. I really do have 'warm' feeling for this technology.

I agree, couldn't install Office trial because stupid installer had obsession to write to C:\ then I decided to be a pirate.

Dadaa it's all 'bout the money and MS choose not to accept mine by delivering uninstallable product. I don't have to tell you that Office portable works great.

Share this post


Link to post
Share on other sites
Mordkanin    225
Well I am not even using Vista right now but are you seriously suggesting that prior Vista there isn't any separation between applications launched with admin credentials or LUA? Huh, that would be every admin's nightmare. I know that I can't delete or alter my music files etc. without admin account. So programs that I run from my account can't touch them. If they can, then obviously Windows is completely screwed up.

What? I think you just described Admin Approval mode (That's default configuration with UAC on, running as an Admin)

Programs normally launch with a Medium IL, but you can force them to launch with a High IL with a UAC prompt.

Share this post


Link to post
Share on other sites
Brandon Live    232
No admin access to users.

Wait... so you're saying someone who buys a Dell computer and sets it up in their home should not have admin access to their own computer? That's absurd.

Enterprises by and large do not give admin access to most of their users. In that case, UAC is moot because UAC only applies to Administrator accounts. It grants Administrators the ability to run specific applications with lower privilege levels (without the hassle of switching accounts).

OS X has a very similar feature. The default OS X account has administrator-level privileges, but every time you install something or change a system setting, you are asked to type in your password. This is largely the same functionality as UAC, though obviously a bit more intrusive since it requires you to type your password each time.

B-a-d design, completely destroys security. Holy donkey, if application install affect the entire machine then that is just retarded.

If user has access to any place of course it's possible to run portable applications. In that case it's completely irrevelant whether a user has admin or limited access. Whitelists are meant to restrict that.

I'm not even sure what you're talking about. In enterprise environments, admins don't want their users to run "portable" applications. They don't want them running anything that wasn't provided for them by IT.

How does installing applications such that multiple users can access them destroy security? OS X, Linux, and FreeBSD work in the same way. You're saying they all got it wrong? More likely, you simply have a very narrow view of the problem and haven't considered all the angles. In your model, with no support for system-wide application installs, it would be impossible for an IT admin to install software for his users. That seems pretty broken to me...

Well I am not even using Vista right now but are you seriously suggesting that prior Vista there isn't any separation between applications launched with admin credentials or LUA? Huh, that would be every admin's nightmare. I know that I can't delete or alter my music files etc. without admin account. So programs that I run from my account can't touch them. If they can, then obviously Windows is completely screwed up.

Prior to Vista, every application that an Administrator runs has the same privileges, and can interact with every other application on the same desktop. Vista introduces UIPI which prevents applications with different privilege levels from interacting with or manipulating each other.

If you are running Windows XP as a non-admin, but you launch an application as an Admin user on the same desktop, you have immediately raised the effective privilege level of every application on that desktop to the Admin level. Because the non-admin applications can inject code into the Admin-level process and do whatever they want at that privilege level. This was one of the greatest architectural limitations in Windows prior to Vista when it comes to privilege isolation.

If you're suggesting that all users should disable UAC and then run as non-admin accounts without write access to their own personal files... that's absolutely absurd. That might work for you, which is fine. But I know about a billion Windows users who would never stand for that user experience.

Besides, all that you accomplish by doing that is exactly what UAC already does - but with a far more painful user experience and far less application compatibility.

This is an excerpt from

http://blogs.msdn.com/oldnewthing/archive/...7.aspx#comments

I so miss the good old dos days where things were simple and most applications weren't messing your OS structures and configuration.

What you get now, is that every dev thinks that it's cool to write 'gold' to registry on every users machine and leave that 'gold' behind. Every dev tries to use COM's to kill flies. And don't let me start on MSI. I think the fact that VS2005SP1 ~300MB (by Microsoft) cannot be installed with 5GB of free space on HDD and ruins the whole system when out of space tells everything. I really do have 'warm' feeling for this technology.

I agree, couldn't install Office trial because stupid installer had obsession to write to C:\ then I decided to be a pirate.

Dadaa it's all 'bout the money and MS choose not to accept mine by delivering uninstallable product. I don't have to tell you that Office portable works great.

I'm not even sure what you're on about there. Especially these "gold" registry entries and whatever that is that person tried to say about COM.

As for disk space, it's obvious that some applications require more disk space during install than they do once the installation is finished. That's not a hard concept to grasp... the installation package is compressed. The package needs to be decompressed to get at the actual installation files - and if you decide not to install all the pieces, the end result will be less disk space that was used during the install because there's no point in keeping around those extracted files that weren't used.

Share this post


Link to post
Share on other sites
Mordkanin    225
If you are running Windows XP as a non-admin, but you launch an application as an Admin user on the same desktop, you have immediately raised the effective privilege level of every application on that desktop to the Admin level. Because the non-admin applications can inject code into the Admin-level process and do whatever they want at that privilege level. This was one of the greatest architectural limitations in Windows prior to Vista when it comes to privilege isolation.

It was also impossible to run that app as an Admin, under your account profile, which I think is one of the greatest things about UAC.

Edited by MioTheGreat

Share this post


Link to post
Share on other sites
Brandon Live    232
It was also impossible to run that app as an Admin, under your account profile, which I think it one of the greatest things about UAC.

Right, you had to run in the context of a different user (which means it hits that user's registry, user profile, etc). Further, that privilege escalation problem I mentioned also gave your apps access to that admin user's personal data.

Share this post


Link to post
Share on other sites
wrack    452

What I want in UAC is to have an option to remember some choices I make.

Like in many firewall prompts...Allow, Deny, Always Allow, Always Deny. And also a management console to add, modify, edit those choices so if someone changes their mind about a program then they can do it.

Share this post


Link to post
Share on other sites
DrCheese    103
I'm hoping future versions will not have an option to disable UAC, any insider info on that possibility?

Whoa daddy.. Its posts like this that get on my nerves. Why does it matter if some of us want to turn off UAC. Does it affect you personally? No. I'm also fed up of the attitude from some people that we're all clueless n00bs if we turn it off. We get the point of what UAC is supposed to do and see how it improves security, we just really dislike the implementation of it. So much so that we turn it off.

I did a fresh install on my laptop recently with the latest SP1 and I really tried this time to stick with UAC after I'd got everything installed but it really drove me up the wall and within 2/3 days I'd turned it back off. I shouldn't have to confirm(or in some cases, double confirm, i.e renaming an icon on my desktop, yes I know the "All users" reason why it does it but still) everything I do on my PC.

So I vote no to both.

Share this post


Link to post
Share on other sites
Brandon Live    232
Whoa daddy.. Its posts like this that get on my nerves. Why does it matter if some of us want to turn off UAC. Does it affect you personally? No. I'm also fed up of the attitude from some people that we're all clueless n00bs if we turn it off. We get the point of what UAC is supposed to do and see how it improves security, we just really dislike the implementation of it. So much so that we turn it off.

I disagree. By running your machine in a blatantly insecure manner, you are opening up your box to become a DoS or e-mail spamming bot that will affect me personally. Further, it would stop people (like several on this thread) who disable UAC on other peoples machines, or who advise others to out of ignorance.

Now, if you want to run as "root" all the time by using the built-in Administrator account (which isn't affected by UAC), then that's your prerogative. But just like running as "root" on *nix / OS X, the stupidity of doing so should be obvious to anyone.

That said, improvements to UAC (and specifically, the Secure Desktop switch) are in order. SP1 improves some areas, like creating/renaming new folders and such. I'd be surprised if the UAC experience didn't improve further over time.

Share this post


Link to post
Share on other sites
Ryan R    0

I've had UAC off for as long as I can have had Vista installed. Haven't got into any mess, nothing to report. I do , however have Spybot SD installed, which is somewhat similar to the UAC - but not as annoying.

Share this post


Link to post
Share on other sites
DrCheese    103
By running your machine in a blatantly insecure manner, you are opening up your box to become a DoS or e-mail spamming bot that will affect me personally

I knew someone would say that. Again its the whole "If you don't run UAC, you must be a clueless n00b" mentality. It's unfair to assume that just because we dislike the way UAC is implemented and disable it we're all idiots who are going to install or get infected by tons of spyware/viruses.

If I managed to keep our PC's clean and proper for however many years I ran XP and its predecessors then I think I'll be ok and if for whatever reason my PC did manage to get infected via something that UAC could have prevented, It wouldn't be left like that for long, so no it wouldn't sit there email spamming or joining a botnet.

As for the thing about turning off other people's UAC, this is something I personally wouldn't do..

Share this post


Link to post
Share on other sites
Brandon Live    232
I've had UAC off for as long as I can have had Vista installed. Haven't got into any mess, nothing to report. I do , however have Spybot SD installed, which is somewhat similar to the UAC - but not as annoying.

Spybot is not in any way, shape, or form even slightly similar to UAC. Perhaps you should read some of the above posts where the purpose of UAC is clarified.

I knew someone would say that. Again its the whole "If you don't run UAC, you must be a clueless n00b" mentality. It's unfair to assume that just because we dislike the way UAC is implemented and disable it we're all idiots who are going to install or get infected by tons of spyware/viruses.

Again, UAC is not there to prevent you from installing spyware or viruses.

Share this post


Link to post
Share on other sites
DrCheese    103
Again, UAC is not there to prevent you from installing spyware or viruses.

I realise this, I was just trying to refute your argument that turning off UAC suddenly means that we're also the type to have our PC's turned into DDOS/email bots or that turning off UAC opens us up to that.

Share this post


Link to post
Share on other sites
Denis W.    730

I keep UAC on for the reasons mentioned above: sandbox-like functionality for Internet Explorer, registry/file virtualization for older apps, and of course for that small sense of idiot-proofness.

However, the one main problem for UAC still stands: what about those apps that users have to constantly elevate themselves because either a) the app's developer hasn't issued an update yet, or b) the app is an old classic that has since been abandoned? This is where an article on Microsoft's support site comes handy:

How to disable the User Account Control Prompt for certain application

Keep UAC on and follow this guide to create your own whitelist of applications that must be elevated each time you use them. (I don't know if this simply disables the prompt or it disables the prompt AND elevates it to admin privileges. If it's the latter, then I think there's an extra option or two in the Compatibility Fixes section of the database wizard that enables admin privileges.)

Share this post


Link to post
Share on other sites
Ryan R    0

That article could become useful. The worst offender for the UAC was WinRAR. Extracting files via the context menu didn't work at all, likely because when you open the main WinRAR windows - UAC requires permission.

I don't know why they call it the User Account Control when you can't turn it on for one user and have it off for another. It's either on for everyone or off for everyone.

Share this post


Link to post
Share on other sites
ViperAFK    797
That article could become useful. The worst offender for the UAC was WinRAR. Extracting files via the context menu didn't work at all, likely because when you open the main WinRAR windows - UAC requires permission.

I don't know why they call it the User Account Control when you can't turn it on for one user and have it off for another. It's either on for everyone or off for everyone.

UAC works perfectly with WinRAR, Why do people keep saying this. I have NEVER gotten a prompt from winrar in vista. Are you running an old version? 3.71 is working great for me with UAC.

Share this post


Link to post
Share on other sites
kingroach    3

I personally turn off UAC since I know what I am doing. But UAC does save people. Two of my friends has vista laptop with UAC and I they used get spyware infection regularly and every time we hang out I had to clean their computers. But with vista both are spyware free. They still have the IE toolber cluttered thanks to default instllation of yahoo messenger and aol messenger but I set Firefox as default browser and they are running problem free.

Share this post


Link to post
Share on other sites
Denis W.    730

My initial expectations of what the guide allowed us to do with elevating applications were a bit off. I assumed this allowed any application full admin privileges without the need of any prompt.

What that guide helps you to do is to disable the prompt for only those applications that trigger them (i.e. running RivaTuner on startup). My test was to see if a simple app like Notepad could write to the Windows folder. RunAsAdmin or RunAsHighest triggered UAC prompts. Using the ForceAsAdmin gave Notepad admin rights, but virtualized it (so all files went into AppData\Local\VirtualStore\Windows).

Guess there's no real whitelist then. :/ (not that I'm using any applications that are problematic under UAC)

Edited by rm20010

Share this post


Link to post
Share on other sites
Mordkanin    225
I personally turn off UAC since I know what I am doing. But UAC does save people. Two of my friends has vista laptop with UAC and I they used get spyware infection regularly and every time we hang out I had to clean their computers. But with vista both are spyware free. They still have the IE toolber cluttered thanks to default instllation of yahoo messenger and aol messenger but I set Firefox as default browser and they are running problem free.

Seriousy. Do you people even bother to read any of the other posts in the thread before you post things.

Leaving UAC on or turning it off should have absolutely nothing to do with whether or not you 'know what you're doing' (Though, the 'just enough knowledge to be dangerous' people seem to like to turn it off.).

UAC has nothing to do with those toolbars, or installing software (Since the installer generally wants to elevate itself anyway), or your mistakes.

It's about keeping processes running with as few privileges as they need to perform their function, so as to prevent them from potentially doing harm, mostly by exploits (But it certainly helps prevent by accident.)

Share this post


Link to post
Share on other sites
Brandon Live    232
My initial expectations of what the guide allowed us to do with elevating applications were a bit off. I assumed this allowed any application full admin privileges without the need of any prompt.

What that guide helps you to do is to disable the prompt for only those applications that trigger them (i.e. running RivaTuner on startup). My test was to see if a simple app like Notepad could write to the Windows folder. RunAsAdmin or RunAsHighest triggered UAC prompts. Using the ForceAsAdmin gave Notepad admin rights, but virtualized it (so all files went into AppData\Local\VirtualStore\Windows).

Guess there's no real whitelist then. :/ (not that I'm using any applications that are problematic under UAC)

That guide explains how to override the manifest-specified elevation of some applications so that they do not attempt to run with administrator privileges. It does not allow them to elevate without prompting. If that were possible, then an attacker could likely use that mechanism to escalate privileges without the user being informed.

If it is being virtualized, it does not have admin rights. "RunAsInvoker" simply means "run with the same permissions as the application that launched this one."

Share this post


Link to post
Share on other sites
Ryan R    0

So what happens if I download some freeware app and UAC tells me that 'This app wants to access your computer'?

If I click Deny - it closes.

If I click Allow - it'll be able to do what it wants. Since I obviously want to run the program since I dbl-clicked it - I'll most likely click allow anyway, due to the fact that there are no details.

Where's the 'Details' button?

Share this post


Link to post
Share on other sites
ozgeek    157

Ryan, that is what UAC does. Asking if you are sure you want to launch a program you already ordered the computer to open. I don't like things or people "questioning" my orders :(

People disable it because it's their choice, not becaise they don't understand the purpose of it. Many programs simply don't work with UAC enabled. For example, I still enjoy playing NFS High Stakes. Since the game is not very friendly with multi-tasking and will crash when I go back ingame, if any UAC pops up.

Share this post


Link to post
Share on other sites
Ryan R    0

Hehe - so do I. Although lately I've had no success whatsoever getting it to run - and I've had it working on my old PC which had Vista on it. Let's not get offtopic though. :)

Share this post


Link to post
Share on other sites
Brandon Live    232
Ryan, that is what UAC does. Asking if you are sure you want to launch a program you already ordered the computer to open. I don't like things or people "questioning" my orders :(

Why post in this thread if you haven't read any of it? I knew literacy was a problem in this country, but had no idea it had gotten so bad.

So, for the 100th time: that is absolutely not what UAC does.

People disable it because it's their choice, not becaise they don't understand the purpose of it. Many programs simply don't work with UAC enabled. For example, I still enjoy playing NFS High Stakes. Since the game is not very friendly with multi-tasking and will crash when I go back ingame, if any UAC pops up.

There is no way UAC has any effect on that game.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.