That doesn't change anything about what's reasonable and what's not.
You're missing that there's no need for installer to make those changes at all, and at least graceful degradation could be assumed. And actually there's no need for the installer at all, except some user experience
And yes, even the VISE installer crap has support for LUA.
Just enter a 0 here and it works fine. You'll get some errors on the trial of writing some values, but you can simply press the Ignore button and continue.
Well, that's sad. In most cases simply replacing FULL_ACCESS with MAXIMUM_ALLOWED in all fopen() calls and replacing all HKLM with HKCU solves almost any problem.
That's the usual consideration, due to efficiency, as long as it doesn't create any privilege escalation vulnerabilities. Photoshop does.
Well, I did it once and ported it to every other machine. And maybe I should write a tutorial + script collection and publish it at the intarweb for all those poor admins out there.
No I am not missing anything. No one is going sit there and make those entries. I am a programmer and you are not and that's obvious. No end user in the business world or in the home environment is going to sit there and make those entries by hand. No one in Thec Support or machine setup is going to do it either, when they got 50 machines to build. They don't have the time for that kind of stuff.
Now, they may make installs for the basic setup on a machine and make an image to load on to other machines and that's about it, although I have seen the image loaded on to machines made and that has blown up in their face.
I suspect that the only one that's actually going to sit there and do something like what you're about with some registry entries is *you* I guess.
Who cares about it as long as it's done what it's supposed to do?
Again who cares about it? Only you are going to sit there and do it. No one in their right mind is going to sit there and do it.
Not to be rude here but again who cares about it?
You're not a programmer that's obvious nor does it seem that you have ever been in a Tech Support role. No one and I mean no one is into all of that. It's enough to get a machine built and put in front of a user period with the special software and other mandatory software the user requires to do his or her job. Do you think anyone has the time to be Micky Mousing around like you propose?
You go to any of the companies I have worked at and they will throw you out on your ears for even bringing it up.
Admits are not in charge of machine setup. Maybe servers and that's if they have some kind of direct involvement. But when it comes to user machines, they are nowhere in site and its Tech Support's responsibility. It's their show. They want the boat rocked as little as possible.
I guess I have to ask the question. Have ever had a real job in IT?
We had to care for. Admitted, LUA was not the only problem, but simply this f....ine installer didn't work with both Win2K and WinSrv03 (which was running on the workstations) because it either didn't like the OS or demanded the IIS Virtual Root Folders component (WTF?). So it was unavoidable anyway.
And if it had been for more than 3 workstations, we would have had to build our own installer (which then in turn might run with admin rights).
We also tried to rebuild the original installer, but every tool failed to disassemble that 5 MB MSI crap.
Wrong, and you're missing that even Microsoft is teaching their programmers to regard LUA as much as reasonably possible.
Huh? Any Admin refusing to intentionally create a security vulnerability is a bad guy? It's his job!
And as Adobe has been unwilling to eliminate both the installer's and the AdobeLM vulnerability since years, we had to take our own measures. Means: Checking and applying ACLs, using a (carefully verified) crack
Wrong, MS is training/teaching the application developer what is needed for Internet or Intranet Web solutions development and the security aspects of creating those types of secured applications or solutions.
MS is training/teaching the applications developer for desktop applications about how to implement security coding if need be in that type of application or solution.
I have taken the MS certification test's for VS 6 and .Net applications development and you are wrong about what is being taught in those certification books the way you think they are being taught.
Yes, security is being taught but not the way you're talking about it. I have been or I am in those MCAD/MCSD certification MSPress books and you have no clue as to what you're talking about.
Yes, I as a programmer have read other MSPress books that were for the security aspects of the MS NT based platform, which are not covered in detail in any MCAD/MCSD certification that an MS application developer is reading.
Not in any shop that I have worked in when it comes to those user machines. The Admin is nowhere to be found in that sequence and is not involved when a user machine is built using the NT based O/S or any other O/S on the machines.
I have worked with Tech Support personnel on many occasions to lay down the O/S and to install applications and have built the machines and done it myself in several places I have worked. An Admin with that kind of expertise is higher up in the food chain and doesn't have the time for it. They got college interns running around doing it with some supervision.
Now, once again an Admin may take charge of how a server is being built and what security issues that may need to be applied to a server.
Or the Admin will say that a security patch is critical enough that it be applied to all machines in an organization but that's about the extent of what they will ever do that I have seen in any organization. Other than that, they got someone else under them doing it and they have no direct involvement that I have ever seen.
Again, who cares about Adobe as you seem to be stuck there?
I have used Installshield and the MS installer. You can call a Admin that sets up install scripts with some solution that doesn't use something like Installshield to deploy applications to desktop machines an Admin. So be it as those people I have worked with in that capacity were Admins.
If you are using a wireless router, it might be possible to add a block rule. I dont have any personal firewalls installed on my pc,but I block all the unwanted incoming ports, using my Linksys router.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.