A few people approached me after my Windows Vista User Account Control presentation during Singapore’s Partner Tech Day. As there were a number of ISVs in the audience, it was good to hear some of their concerns regarding UAC when users with Vista try to run their apps.
Biggest concern? How will UAC work with copy protection / licensing mechanisms in their apps?
In short, Windows Vista security / UAC will keep each standard user within their Vista user profile. In other words, no user should be able to impact the user experience of another user. If a user accidentally installs spyware, other users on the machine won’t be affected. All you need to do is to delete the profile and start again. Well… at least that is the goal.
Some copy protection mechanisms reads/writes to portions of the registry and/or file system. Sometimes to shared areas of the system. This is a big no-no in Vista so … yes… some copy protection / licensing mechanisms will break.
I did some playing around with Vista’s security and UAC. Specifically around how UAC’s virtualization will react when a standard user attempts to access a key in a shared area of the registry. Here are the scenarios.
Application Reads from Shared Area of Registry
Virtualization is Enabled
|
Scenario
|
Registry Read Results
|
|
Virtualized Key Exists
Shared-Area Key Does Not Exist
|
Virtualized Key Value Returned
|
|
Virtualized Key Does Not Exist
Shared-Area Key Exists
|
Shared Area Key Value Returned
|
|
Virtualized Key Exists
Shared-Area Key Exists
|
Virtualized Key Value Returned
|
So… from the results we can see that UAC virtualization will always access the virtualized registry area first before accessing the shared area. Inte
resting.
For those of you who have no idea what I’m talking about… I’m about to post my deck. UAC and virtualization is rather interesting.
Chewy Chong works in Southeast Asia and lives in Singapore. He does something technology related.
