User Account Control (UAC): How to develop code for standard users

The trick is to write your code such that you avoid unnecessary UAC prompts, and that basically means not accessing administrator-level rights in Vista. Here are searchWinDevelopment.com's top three tips for how to develop code that works with Vista's standard user. These tips are based on a talk at PDC by Crispin Cowan, senior project manager at Microsoft's UAC team.

1. Don't rely on UAC -- or ignore it

User account control was designed to be a temporary tool -- or, as Cowan put it, "a softer, gentler standard user." Under Vista, administrator users are actually standard users who are allowed to launch applications with administrator approval -- as long as they go through the UAC prompt. Standard users can elevate applications using the over the shoulder (OTS) prompt, which requires an administrator's login. This introduction to UAC for developers will also teach you how to avoid the UAC prompt altogether by developing programs for standard users.

2. Elevate to administrator mode correctly

Of course, sometimes you legitimately need administrator access. For instance, management tools often need to write to those tender bits of the operating system, as do installers that install for more than just the current user. In those cases, there's a wron...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT .NET Developer How to speed up Visual Studio 2008's slow WPF designer How to list fonts in WPF using markup extensions and data templates How to convince management to buy Microsoft Visual Studio 2008 Microsoft webcast series previews new Visual Studio 2010 features New features in Windows 7 bring new UI considerations for developers Introduction to Vista's user account control (UAC) for developers Visual Studio 2008 code metrics tools will help keep code clean Downloadable MSDN library released for VS 2008 SP 1 Widgetbox provides good example of how to use Facebook Developer Toolkit Microsoft previews new features in Visual Studio 2010 .NET Framework 3.5 and Visual Studio 2008 development Microsoft's message at TechEd: make the most of what you have How to speed up Visual Studio 2008's slow WPF designer How to list fonts in WPF using markup extensions and data templates How to convince management to buy Microsoft Visual Studio 2008 Moonlight 1.0 release brings Silverlight to Linux Microsoft cuts Visual Studio 2008 upgrade prices as VS 2010 looms How to write installers in Vista that work correctly under UAC How to elevate programs' privileges correctly using Vista's UAC Introduction to Vista's user account control (UAC) for developers Microsoft offers startups free development tools, MSDN subscription Windows Vista security and .NET Framework 3.0 How to write installers in Vista that work correctly under UAC How to elevate programs' privileges correctly using Vista's UAC Introduction to Vista's user account control (UAC) for developers Beginning Windows CardSpace development Five Windows Vista security tips .NET developers should know Windows CardSpace standards, user controls sway online banker .NET 3.0 Roadshow: An introduction to Windows CardSpace .NET 3.0 Roadshow: Instance management, security in WCF What's up with Windows CardSpace Get your code ready: Windows Vista is just around the corner

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Cosmos  (SearchWinDevelopment.com) IronRuby  (SearchWinDevelopment.com) Visual Studio Express (VSE)  (SearchWinDevelopment.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

g way and three right ways to get elevated privileges. In increasing order of sophistication (and decreasing order of ease), those are: launching a new, elevated process; creating a privileged COM object with its own GUI; and refactoring the privileged code into services or tasks, their successors in Vista, tasks. An unprivileged application can't dynamically elevate itself, and a privileged application can't dynamically restrict itself to standard user permissions; this tip will show you how to elevate into administrator mode with UAC safely in Vista.

3. Know what to do, and what not to do, with administrator privileges

The whole point of UAC is to get applications away from the habit of running in administrator mode unnecessarily. Just as important as how you elevate to administrator access is knowing what you shouldn't do with it. For instance, installers that run in administrator mode (for per-machine installs) shouldn't launch read-me files or the first instance of the application, Cowan said. Our last tip in this series will show you how to write installers in Vista with UAC.

The upshot of all this is that user account control may present a painful transition for developers, but it's for a good cause. The new security model makes it harder for Trojans, viruses and other malware to do their harm silently and in the background. But here we defer to the expert, who said it as well as we could:

"The least privilege model that Vista introduced is good. It's good for the platform's security, it's good for your security. It saves us all from our own flawed software, because if everybody's running everything as administrator, then the security requirement is basically 'don't write vulnerable code,' and writing perfect code all the time is really tedious," Cowan said.

Yuval Shavit is the associate editor for searchWinDevelopment.com. Email Yuval to tell him what you thought about these tips. These tips are based on a talk by Crispin Cowan, product manage for Vista's UAC team, which he gave at Microsoft PDC. The talk, "Windows 7: Best Practices for Developing Windows Standard User" is available online.

Rate this Tip To rate tips, you must be a member of SearchWinDevelopment.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.