Satisfying UAC ...

I haven't seen this discussed, and may even have the wrong subject. In
observation I see that apps such as Trend Micro, McAfee, Mail, Word, and
Office Outlook when executed do not get the UAC dialog box. Am I correct in
assuming that this is because these apps have the proper credentials to
satisfy UAC when they are launched? Does this require an Authenticode
certificate in signing these applications? Obvioulsy this ia a rather basic
question, but I am looking at this for the diagnostics my company produces
and would like to avoid an FAE having to deal with UAC. A link would be much
appreciated.

Thanks,
Gary G. Little

Gary G. Little wrote:
> I haven't seen this discussed, and may even have the wrong subject. In
> observation I see that apps such as Trend Micro, McAfee, Mail, Word, and
> Office Outlook when executed do not get the UAC dialog box. Am I correct in
> assuming that this is because these apps have the proper credentials to
> satisfy UAC when they are launched? Does this require an Authenticode
> certificate in signing these applications? Obvioulsy this ia a rather basic
> question, but I am looking at this for the diagnostics my company produces
> and would like to avoid an FAE having to deal with UAC. A link would be much
> appreciated.
>
>
There's nothing special - they just don't need admin privileges to start
up. eg. no modifying of HKEY_LOCAL_MACHINE, don't modify files outside
your users application data folder (SHGetSpecialFolderLocation), etc. -
there are a few whitepapers around on this stuff on msdn.

I can see no reason why mail, word and outlook would need to do any of
these things so they probably just worked straight away. McAfee and
Trend will have installed a service that can do all the 'privileged'
things like virus scanning and their UI will be completely unprivileged.

You can't bypass UAC whether you have a certificate or not.. otherwise
there would be no point (even I have one and I'm nobody special -
$VIRUS_WRITER could easily get one).

Tony

Bad assumption on my part ... thanks Tony for you time.

--
The personal opinion of
Gary G. Little

"Tony Hoyle" <TonyHoyle@nospam.nospam> wrote in message
news:OJZco1l4GHA.2464@TK2MSFTNGP06.phx.gbl...
> Gary G. Little wrote:
>> I haven't seen this discussed, and may even have the wrong subject. In
>> observation I see that apps such as Trend Micro, McAfee, Mail, Word, and
>> Office Outlook when executed do not get the UAC dialog box. Am I correct
>> in assuming that this is because these apps have the proper credentials
>> to satisfy UAC when they are launched? Does this require an Authenticode
>> certificate in signing these applications? Obvioulsy this ia a rather
>> basic question, but I am looking at this for the diagnostics my company
>> produces and would like to avoid an FAE having to deal with UAC. A link
>> would be much appreciated.
>>
> There's nothing special - they just don't need admin privileges to start
> up. eg. no modifying of HKEY_LOCAL_MACHINE, don't modify files outside
> your users application data folder (SHGetSpecialFolderLocation), etc. -
> there are a few whitepapers around on this stuff on msdn.
>
> I can see no reason why mail, word and outlook would need to do any of
> these things so they probably just worked straight away. McAfee and Trend
> will have installed a service that can do all the 'privileged' things like
> virus scanning and their UI will be completely unprivileged.
>
> You can't bypass UAC whether you have a certificate or not.. otherwise
> there would be no point (even I have one and I'm nobody special -
> $VIRUS_WRITER could easily get one).
>
> Tony