2. NSIS Discussion
  3. restricted folders (vista)

Archive: restricted folders (vista)


bnicer
7th March 2007 13:46 UTC

restricted folders (vista)
Hi all,

Some install folders might often be inaccessible when you are not an administrator -- Program Files, etc.

I've found you can avoid trouble by not installing into a special folder.

1) What is the situation in Vista? Can an ordinary user, not an admin, install to C:\myprogram? (not a special folder -- but maybe restricted?)

2) (Vista) Are the icon group folders (under $SMPROGRAMS) restricted if you're a non-admin?

Finally, (all Windows versions), is it possible to prevent the user from selecting an install path that will fail in advance?

You have to wait for the installer to return an access is denied message during the install process, right?

Some of these questions, I realize, would be unnecessary if I installed Vista, but I'm wary of taking the plunge. One day I will close my eyes and jump. Until I do, help?

Thx.

onad
8th March 2007 13:40 UTC

TIP:
Search google for "Vista Virtualization" and you see how MS solved the issue supporting legacy "Misbehaving" installers.

Comperio
8th March 2007 16:18 UTC

Use RequestExecutionLevel admin in your build script and you shouldn't have to worry...

bnicer
8th March 2007 18:45 UTC

Reading up on Vista Virtualization, I get the impression most conflicts between the user and the administrator have been laid to rest.

Thank you for the assurances.

What holds me back from getting Vista has more to do with spending too much time on XP in my case.

So, I'm not saying this hasn't been helpful. It has.

Anders
9th March 2007 09:51 UTC

Vista Virtualization does not apply to applications with a manifest (RequestExecutionLevel)

Also, Vista autodetects NSIS installers even with no manifest, not sure if virtualization is turned off then (You could check this with Process Explorer)

Comperio
10th March 2007 06:46 UTC

But, since virtualiztion only gets used if the user can't write to the original location, it's probably a moot point if the installation is auto-detected by Vista and prompts the user for elevated privleges.

Vista's install detection is based on a "best guess" approach based on a number of things, including unique EXE signitures, name of the EXE itself, and certain keywords in the EXE's properties--not exactly failsafe, in my opinion. That's why suggest using RequestedExecutionLevel. This adds a manifest to the installer (compiled EXE) and thus leaves no question as to what level of execution to allow the setup to run at. (And, as bnicer points out, it also disables virtualization, which is also a plus.)

And FWIW, virtualiztion is disabled on native 64-bit code and in any services (32 or 64-bit). Not that any of this pertains directly to NSIS, but it might...)

Here's the best starting reference for UAC in Vista that I've found in case anyone's curious...

Fork me on GitHub