I would just like to add a few things in addition to the good info Kerry
"Swifty" <Swifty.firstname.lastname@example.org> wrote in message
> 1. Does UAC prompt the user for permission even for actions that would
> have not needed an administrative token in Windows XP while running as
> limited user?
Actually, UAC does not prompt for "actions" at all.
UAC works at "application" granularity (or, if you want to get technical, at
a process or COM component boundary).
An application is either "elevated" (running at root level) or unelevated
(running without any special privileges). There is actually a third state
possible if you are not running as an admin (however much privilege you
have, if your user account is assigned more privileges than the normal
"standard user" privileges), but since it doesn't prompt, I won't talk about
An application is either started elevated or non-elevated. Once an app is
started, it cannot change from one to the other.
Also, in most cases, UAC does *not* determine whether an app runs elevated
or not. It is an application's responsibility to TELL WINDOWS that it
The exception to this rule is for setup programs and popular non-compatible
applications Microsoft has tested Vista with, realized they are going to
need admin privileges, and set Windows Vista to recognize them and tell them
So, if you have Windows-XP or earlier applications and they require admin
privileges, they will probably NOT PROMPT and fail miserably, so you should
do as Kerry said and mark them as requiring administrator in the file
properties -> compatibility tab. This will make them prompt for elevation
whenever you run them, keeping you from having to right-click on them and
click Run As Administrator.
For "naughty" applications in XP that would otherwise NOT NEED admin
privileges, except for the fact that they do some stupid things like try to
write to program files and other restricted areas, there is a new "hack" in
Vista to make these programs work WITHOUT running them as administrator.
Windows tricks these programs into THINKING they are writing to the
restricted area, but actually copies the files they are modifying to an area
inside your user profile (called the virtualstore). When this program opens
those files again, it will see the hidden copy of the file instead of the
This "hack" should allow some of the programs you use that SHOULD NOT need
admin power to work correctly in Vista WITHOUT giving that program admin
power - but this kind of trickery can cause confusion (you might end up
losing track of some files since if you try to save something in a
protected area from within one of these programs it will get moved to the
> I'm hearing horror stories of UAC asking for prompts for
> programs and actions that otherwise didn't need administrator
> privileges in the first place and I'd like this fear to be allayed.
Consider this fear allayed.
It is the program's responsibility to tell Windows if it needs admin power or
not. If the program doesn't tell Windows that it needs admin power (and
Windows doesn't know better via appcompat shims), then Windows ASSUMES that
the program DOES NOT need admin power.
Programs that do not need admin power do not prompt and do not run with
Programs that DO need admin power and are compatible with Vista WILL prompt
you for admin power when they start
(or, they will run with limited privileges and only prompt you for your
admin power when you try to perform an admin operation, like Windows
Explorer [this is technically accomplished by separating the admin
functionality out of the programs into separate programs or COM
Programs that DO need admin power but DO NOT tell Vista this - will not
prompt and will not run with admin power, and so will probably fail. You
will need to either run-as-administrator these programs or change their
compatibility options to always make these programs prompt for elevation.
> Though, to a person who uses limited user accounts all the time, it's
> sounding like UAC doesn't change anything to what limited users usually
> go through except finally giving them the option to elevate privileges
> on the fly for actions that would have otherwise fizzled in Windows XP
> without warning.
This is a correct understanding.
If you are logged in with an administrator account, programs will either run
with a "filtered" token (this program cannot use your administrator powers)
or your real token (all the powers you have). Programs that do not prompt,
do not run with all your privileges - just standard user privileges. You
will get the chance to elevate programs that request admin privileges with
consent - you just click Continue or Cancel. The system protects this screen
to prevent malicious applications from hijacking it.
If you are logged in as a standard user, programs that DO NOT require admin
privilege run inside your user account. Programs that require admin
privileges (which your account does not have) will ask you for the
credentials of an administrator in order to run. In this case, IT WORKS
EXACTLY LIKE XP RUN AS - the administrative program will run as if *the
administrative user*, and NOT your current standard user account, started
it - so it will not be accessing your standard user registry/profile, but
> 2. Is there a way to grant certain applications elevated privileges
> permanently? For example, I use a TV tuner application to watch TV on
> my PC but for some odd reason, it requires elevated privileges in
> Windows XP to run (it's an old Hauppauge 878). As a result, I have to
> run it using the "Run As" command and execute it using an administrator
> account. It would be great if I could tell Vista that this application
> should always be executed with administrator privileges without nagging
> me with a UAC prompt every time I ran it.
As Kerry said, you can mark a non-vista-compatible program as needing admin
privileges, so it will prompt you for permission whenever it starts, as
opposed to it just running without admin privileges.
But, there is no way to tell a program to always run elevated without
prompting. If you think about this, it makes sense - this would allow
malicious programs to run this "blessed" program to take over your computer.
Imagine if you blessed the command prompt - malicious programs could run a
command prompt, which would then run elevated without your consent, and then
tell the command prompt to run their own malicious executable, which would
then run elevated. Or, it could issue malicious command lines (like
formatting your hard drive).
UAC ensures the following:
- Only programs that prompt can perform administrative actions
- *You* must authorize and know about an administrative action - this
prevents malware from using trusted, system components to take over your
computer ("Hey I didn't start format.exe - I don't want it to run!")
> 3. Is there a method to grant an application administrative privileges
> before UAC figuring out itself that the app needs admin privileges? For
> example, say I want to play Battlefield 2 but I know that Battlefield 2
> needs administrator privileges because it uses Punkbuster. Instead of
> opening it, having UAC popping up, and -then- elevating bf2.exe's
> privileges by pressing "Allow", I want to give bf2.exe the privileges
> it needs before UAC notices that it needs elevated privileges. Sorta
> like using "Run As" in XP, but this time elevating the current user's
> token and not using a completely different user account to get
> administrative access.
The elevated token (running the program in the same account but with full
privilege) can only be done if you are logged in as an administrator - and
that is how the elevation process works when logged in as an administrator.
A program is either given a filtered token or an elevated token, but all
programs you run are running inside your user account.
When you are a standard user, things work exactly like you were using "run
as" in XP, except the prompt is automatic
Again, I should point out that UAC does not "notice" if something needs
admin privileges - the application either tells UAC that it wants elevation
or not. If it doesn't say what it wants, and the good folks at the Windows
compatibility labs didn't test that application, then it will simply run
WITHOUT elevation and without prompting - even if it really does need admin
An application will either start with elevated privilege or not.
> 4. And speaking of the Run As command, does Vista have one?
Not through the GUI, although you can use the runas command-line tool. Note
that you CANNOT "elevate" a program with the runas command-line tool - all
programs it runs will run with an unelevated token, even if the account you
authenticate with is an administrator (with an exception made for the
disabled built-in administrator account).
Microsoft MVP - Windows Shell/User
Windows Vista Support Faq
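
The file redirection and the filtered/full token distinction described in the post above can both be inspected from a shell. The following is an added example, not part of the original post: it reports whether the current process holds the full administrator token and lists files that were redirected into the VirtualStore together with the protected path each one stands in for. It assumes PowerShell 3.0 or later, the usual VirtualStore location under `%LOCALAPPDATA%`, and that the protected folders are on the system drive; the function names are illustrative.

```powershell
# Added example (not from the original post). Assumes PowerShell 3.0 or later.
# Lists files that UAC file virtualization redirected into this user's
# VirtualStore, with the protected path each one stands in for.

function Test-ProcessElevated {
    # True only when the Administrators group is enabled in this process token,
    # i.e. the process holds the full token rather than the filtered one.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-VirtualizedFile {
    param(
        [string]$Root = (Join-Path $env:LOCALAPPDATA 'VirtualStore'),
        # Assumption: the protected folders live on the system drive.
        [string]$Drive = $env:SystemDrive
    )
    if (-not (Test-Path -LiteralPath $Root)) { return }
    $rootFull = (Get-Item -LiteralPath $Root -Force).FullName.TrimEnd('\')
    Get-ChildItem -LiteralPath $rootFull -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            # The VirtualStore mirrors the original path without the drive letter.
            $relative = $_.FullName.Substring($rootFull.Length).TrimStart('\')
            $shadowed = Join-Path "$Drive\" $relative
            [pscustomobject]@{
                VirtualCopy    = $_.FullName
                ShadowedPath   = $shadowed
                OriginalExists = Test-Path -LiteralPath $shadowed
                LastWriteTime  = $_.LastWriteTime
            }
        }
}

"Process elevated: $(Test-ProcessElevated)"
Get-VirtualizedFile | Sort-Object LastWriteTime -Descending | Format-Table -AutoSize
```

A row with `OriginalExists` set to True means two versions of the file exist: the virtualized program sees the copy in the VirtualStore, while an elevated program opening the same path sees the original.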