Apple thinking ahead for Vista? | The Coffeehouse

jmacdonagh

This came up when I opened up iTunes today after disabled my CD-ROM's Autorun.

http://i27.photobucket.com/albums/c169/jmacdonagh/UAC.jpg

Notice the LUA icon next to the Yes button.

Rowan
Look, no errors.

www.imageshack.us

jmacdonagh

http://img87.imageshack.us/img87/1321/uacdi5.jpg

I get confused with all the image hosting companies.

Massif
aim stupidly high, expect to fail often.

Doesn't LUA add that automatigically when it detects that an action is going to require elevated permissions? Or have I deluded myself into thinking the magic software pixies are at work again?

Jack Poison
At what price, Freedom?

Massif wrote:
Doesn't LUA add that automatigically when it detects that an action is going to require elevated permissions? Or have I deluded myself into thinking the magic software pixies are at work again?

I think you're right on that.

Or that's how it should work. Never rely upon a third party to handle OS security.. right?!

AndyC

How would Vista know what's going to happen when the button is pressed?

Sven Groot
My name has 9 letters. Coincidence? I think not...

Vista doesn't add that icon automatically. As Andy says, it can't know what's going to happen when a button is pressed.

And as I've said countless times before, an application can't elevate after it's started. If that button is going to do something that requires admin privileges and the process isn't already elevated, it's too late. The only way around that is, naturally, to launch a separate process (that will ask for elevation) to do the work for you (an out-of-process COM object can do the trick too). Vista won't be able to automatically separate admin tasks into separate processes either.

So it's up to you to make sure your app works with UAP. Which means that your main application should work without being elevated (i.e. it should work under limited user rights), and whenever it needs to do something that needs more rights, it should delegate that task to a different process that asks to elevate. The visual design guidelines for Vista applications specify that whenever you do this, you should indicate it with the shield icon.

But it's up to you, Vista won't - and can't even if it wanted to - do it for you.

blowdart
Peek-a-boo

Sven Groot wrote:

So it's up to you to make sure your app works with UAP. Which means that your main application should work without being elevated (i.e. it should work under limited user rights), and whenever it needs to do something that needs more rights, it should delegate that task to a different process that asks to elevate. The visual design guidelines for Vista applications specify that whenever you do this, you should indicate it with the shield icon.

You learn something new every day! Thanks Sven!

Now, who has a managed code sample? [6]

W3bbo
The Master of Baiters

blowdart wrote:

Sven Groot wrote:
So it's up to you to make sure your app works with UAP. Which means that your main application should work without being elevated (i.e. it should work under limited user rights), and whenever it needs to do something that needs more rights, it should delegate that task to a different process that asks to elevate. The visual design guidelines for Vista applications specify that whenever you do this, you should indicate it with the shield icon.

You learn something new every day! Thanks Sven!

Now, who has a managed code sample?

Is the Shield icon stored in Shell32's library or anything? I'm going to hate it 10 years down the line when all the programs are using Vista's shield icon on Windows Vienna.

Rossj

blowdart wrote:

Sven Groot wrote:
So it's up to you to make sure your app works with UAP. Which means that your main application should work without being elevated (i.e. it should work under limited user rights), and whenever it needs to do something that needs more rights, it should delegate that task to a different process that asks to elevate. The visual design guidelines for Vista applications specify that whenever you do this, you should indicate it with the shield icon.

You learn something new every day! Thanks Sven!

Now, who has a managed code sample?

For starting a process?

using System.Diagnostics;

ProcessStartInfo startInfo = new ProcessStartInfo( "MyProc.exe" );
startInfo.UserName = "fred";
startInfo.Password = "oopsamIreallygoingtostorethisincode";
startInfo.WorkingDirectory = @"c:\AnywhereSoThatItIsntSystem32";
Process.Start( startInfo );

blowdart
Peek-a-boo

Rossj wrote:
For starting a process?

using System.Diagnostics;

ProcessStartInfo startInfo = new ProcessStartInfo( "MyProc.exe" );
startInfo.UserName = "fred";
startInfo.Password = "oopsamIreallygoingtostorethisincode";
startInfo.WorkingDirectory = @"c:\AnywhereSoThatItIsntSystem32";
Process.Start( startInfo );

Ugly isn't it? And if course if you had the password already you wouldn't need UAC ...

Rossj

blowdart wrote:

Ugly isn't it? And if course if you had the password already you wouldn't need UAC ...

I had already come to the conclusion that UAC is an arse-covering exercise - well we warned you it would break, we told you not to turn it off.

I am still crying over that Try Again button ... you do not have permission .. Try Again or Cancel ..... please... please ... please... just let me Authenticate. It is either arse-covering, or half-arsed - you choose.

AndyC

blowdart wrote:

Ugly isn't it? And if course if you had the password already you wouldn't need UAC ...

Yes you would. The username and password alone are not enough to elevate - you also need consent and UAC is the only way to get that.

The "try again" thing has to be a bug, hopefully that'll be fixed before RTM.