Linked by Thom Holwerda on Wed 14th Feb 2007 19:12 UTC
Windows
Joanna Rutkowska has always been a big supporter of the Windows Vista security model. Until she stumbled upon a 'very severe hole' in the design of UAC and found out - from Microsoft officials - that the default no-admin setting isn't even a security mechanism anymore. Rutkowska believes UAC has a major flaw in the way it automatically assumes that all setup programs (application installers) should be run with administrator privileges.
Thread beginning with comment 212721
RE: Clarification
by Mathman on Wed 14th Feb 2007 20:29 UTC in reply to "Clarification"
Mathman Member since:
2005-07-08

If you know what you're doing, rpm files can certainly be installed without admin privileges, to your home directory, or wherever. You may run into dependency problems of course, but like I say, it's not so bad if you know what you're doing.

At any rate, Windows installers are more akin to something like the Loki installer under Linux. There's absolutely no reason in my eyes why something like that would require admin privileges. It's just silly programmers that don't know what they're doing is all. Or perhaps they know exactly what they're doing (think spyware etc).

Score: 2

RE[2]: Clarification
by fretinator on Wed 14th Feb 2007 20:38 in reply to "RE: Clarification"
fretinator Member since:
2005-07-06

> Windows installers are more akin to something like the Loki installer under Linux

I disagree. Windows installs now use the MSI framework; they are not just "copying programs" like in the early setup days. By interacting with the MSI framework, they do interact with the MSI Windows installation database [e.g., Add/Remove Programs], and as such they are very similar to Linux installs.

However, I do think they "could" be done in a way that they would not need admin privileges, but that is a future task.

When I try to install an RPM, it complains about not having permission to interact with the RPM database. Am I missing something?

Score: 4

RE[3]: Clarification
by elsewhere on Wed 14th Feb 2007 20:48 in reply to "RE[2]: Clarification"
elsewhere Member since:
2005-07-13

> When I try to install an RPM, it complains about not having permission to interact with the RPM database. Am I missing something?

That's correct AFAIK, the rpm db is restricted. You can extract an rpm as a user and manually install it, but then it may as well be a .tar file.

Suse/Novell tried to work around this to a certain extent with the ill-fated zmd framework; it used dbus to allow an updater application running under regular user permissions to signal the package management daemon to selectively download and install signed updates, which effectively worked around the rpm permission issues without requiring the actual user to authenticate as root. And it was possibly the single intelligent idea within zmd, for which everything else was horribly, horribly wrong.

Score: 2

RE[3]: Clarification
by n4cer on Wed 14th Feb 2007 22:28 in reply to "RE[2]: Clarification"
n4cer Member since:
2005-07-06

> However, I do think they "could" be done in a way that they would not need admin privileges, but that is a future task.

This is already possible using Windows Installer 4.0 and (preferably) ClickOnce, but the application developer needs to design the application and deployment package so it doesn't impact the system (ClickOnce is specifically designed for this scenario).

There's already a Tetris game online by Chris Sells that uses ClickOnce and should install (w/ Start Menu and A/RP entries) as standard user. It was originally written in 2002 for .NET 1.x, then updated for ClickOnce while that was in development.

Main page:
http://www.sellsbrothers.com/wahoo/

ClickOnce link:
http://www.sellsbrothers.com/wahoo2/publish.htm

Edited 2007-02-14 22:30

Score: 5