Introduction to Vista's user account control (UAC) for developers

You may want to check out our tips on how to elevate UAC privileges correctly in Vista and how to write installers with UAC, both of which are also based on Cowan's talk.

In the days of Windows XP, all users were by default administrators on their machines. This gave developers a lot of flexibility, but it also meant that malware could work without users knowing that anything was happening. Starting with Vista, Microsoft is encouraging people to use computers in standard user mode as much as possible, and even administrator-level users operate with standard user permissions by default. If a program needs administrator privileges, Windows pops up the UAC prompt to elevate it. In essence, Vista has replaced the administrator user mode with a standard user mode that's allowed to temporarily elevate to administrator.

UAC is meant to be a transitional system in Vista for applications that were written for Windows XP, Cowan said. In fact, it's disabled in 64-bit versions of Windows; the reasoning is that developers who are advanced enough to write 64-bit code shouldn't need the "training wheels" UAC provides, Cowan said. It's also not a good idea to ignore UAC and assume that users will turn it off, he said: contrary to conventional wisdom, about 88% of Vista users keep UAC on, according t...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT .NET Developer How to speed up Visual Studio 2008's slow WPF designer How to list fonts in WPF using markup extensions and data templates How to convince management to buy Microsoft Visual Studio 2008 Microsoft webcast series previews new Visual Studio 2010 features New features in Windows 7 bring new UI considerations for developers User Account Control (UAC): How to develop code for standard users Visual Studio 2008 code metrics tools will help keep code clean Downloadable MSDN library released for VS 2008 SP 1 Widgetbox provides good example of how to use Facebook Developer Toolkit Microsoft previews new features in Visual Studio 2010 Windows Vista security and .NET Framework 3.0 User Account Control (UAC): How to develop code for standard users How to write installers in Vista that work correctly under UAC How to elevate programs' privileges correctly using Vista's UAC Beginning Windows CardSpace development Five Windows Vista security tips .NET developers should know Windows CardSpace standards, user controls sway online banker .NET 3.0 Roadshow: An introduction to Windows CardSpace .NET 3.0 Roadshow: Instance management, security in WCF What's up with Windows CardSpace Get your code ready: Windows Vista is just around the corner .NET Framework 3.5 and Visual Studio 2008 development Microsoft's message at TechEd: make the most of what you have How to speed up Visual Studio 2008's slow WPF designer How to list fonts in WPF using markup extensions and data templates How to convince management to buy Microsoft Visual Studio 2008 Moonlight 1.0 release brings Silverlight to Linux Microsoft cuts Visual Studio 2008 upgrade prices as VS 2010 looms User Account Control (UAC): How to develop code for standard users How to write installers in Vista that work correctly under UAC How to elevate programs' privileges correctly using Vista's UAC Microsoft offers startups free development tools, MSDN subscription

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Cosmos  (SearchWinDevelopment.com) IronRuby  (SearchWinDevelopment.com) Visual Studio Express (VSE)  (SearchWinDevelopment.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

o Microsoft's customer usage data.

You're also going to be under pressure from competitors to eliminate UAC prompts. The number of unique applications that cause UAC prompts is going down, from almost 800,000 in August 2007 to fewer than 200,000 a year later, Cowan said.

The best approach to UAC is to write programs that don't need it. In fact, some large enterprises require you to write programs that work in standard user mode, Cowan said. "If your app doesn't work as standard users, they are not your customer," he said.

Elevating to administrator levels makes you a target for malware, Cowan said. If your code has vulnerabilities but runs in standard user mode, hackers won't be able to use it to gain access to the rest of the machine, so they're more likely to find another program that can gain them that access; if your code has vulnerabilities but runs in administrator mode, it is that other program.

You can ensure your code runs in standard user mode by putting marking your manifest with "asInvoker" and staying away from what Cowin called "the tender bits" of the OS, like DLLs and registry keys. It's often acceptable to read such resources, but opening them in read-write mode will often trigger a UAC prompt, Cowin said; be more specific than GENERIC_ALL when specifying access masks.

Yuval Shavit is the associate editor for searchWinDevelopment.com. Email Yuval to tell him what you thought about these tips. These tips are based on a talk by Crispin Cowan, product manage for Vista's UAC team, which he gave at Microsoft PDC. The talk, "Windows 7: Best Practices for Developing Windows Standard User" is available online.

Rate this Tip To rate tips, you must be a member of SearchWinDevelopment.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.