It's doing it's job. That is what it is designed to do. Protect your critical system and program files folders.
Nathan please, how is preventing admin from uninstalling software part of secure design? This is crucial design failure - either let's have a sandbox installation system, or let's not treat unistall files, the only clean way out, as critical system files. All the neccessary mechanisms are built into windows, you have restore points and (bad, but still) permission elevation, all it needs to do is run test stage - will this prog install, if no, then let's display "this program will not install with UAC in silent mode, try running it as administrator" rather than allow it to write to registry and then fail miserably inserting mechanism responsible for uninstalling it.
UAC is actually quite reasonable if the install program is a MSI Windows Installer. But because this particular application has some dodgy installer UAC thinks "Nah... not in a million years am I going to grant that thing any slack!"
If it didn't grant it any slack it wouldnt' be an issue. But what it does is allow it to install and then cut off possibility for Administrator, out of all users, to have any control over it. It's not that it prevents something from being installed, it's a problem with which element of the software it decides to refuse. What it does is a lot like letting bank robbers to enter the building, take all the money, kill all the hostages and then walk away, while police is surrounded tightly with wall of bulletproof glass "for their own protection" and bullets removed, just so they don't hurt themselves while shooting bad guys.
At the end of the day it's a very simple dilema -
is UAC supposed to protect your system or is it supposed to pretend to protect it, only if software follows certain rules and etiquette. If it's supposed to protect your system then it should remove all bits of the software in question after unsuccessful installation. Not just block ways to uninstall it.
I think it's plain to see for everyone here who is taking a pop at who
As a moderator of this forum I aren't allowed to get drawn into these types of water pistol contests. But nor do I particularly want to because the last time I gave you some hard core facts on similar subjects you personally attacked me in a last gasp style post :/
And I hope "no water pistol contest" policy will remain active. My turn of phrase might not always be the most fortunate or gramatically correct (it's quite obvious English is not my first language) and so if you felt attacked at any point in any of our conversations, I apologize, it wasn't my intention and I would like you to keep in mind, now and always- just because I don't agree with you on some aspect of technology it doesn't mean I'm attacking you personally.
Yes I have worked with Unix systems (who hasn't at some stage in their life?)
Then you know user elevation in unix just works. There is no special magic or complication to it. The person invoking administrative command either does so as root or doesn't have opportunity to perform it. There is no "do it as half admin, sandbox will say yes in a background and half of it will be done while the other half fails" aspect to it and never will be.
UAC, I can only presume was meant to be the simple, clean sudo equivalent for windows permission system, but instead it just does this bizarre excercise of striping Admin of his level for most tasks rather than introducing clean distinction between what admin should do and what should remain in hands of regular user.
But let me give you another example why UAC in silent mode and just saying "yes" to everything is not a good idea.
Any installation can request to be run in administrator mode. If it is run that way the elevation switches off registry virtualization and gives install program access all areas, with registry entries for all users, full guns blazing, even revise rights of all other administrators on the system. Once installation ends the elevated user is "dropped back" from "admin olympus" down to just being Administrator without administrative rights. So far so good.
The scenario of silent UAC however creates funny issue: (which is actually very old problem, actively overlooked on every possible mention) because installer run as admin can become "Admin Elevated over itself" a simple installation of the proverbial winzip or a game can request access to just about anything, anywhere, any registry part, load kernel drivers, what have you.
Now, if you run UAC in normal mode, you get popup and if you actually read it you might ask yourself - why does this software needs to be installed as adminstrator. What is it that this game, which I install in, say c:\games needs to do to my protected and system folders and why should I agree to it putting its dirty fingers and stirring exes and dll's around my system? Right?
But if you run UAC in silent mode, it will just say yes. Under certain conditions, you could double click on installation of, let's say a screensaver or rotation and not knowing what that installer is doing (with UAC clicking just nodding in the background) end up with the following funny situation:
Folder with files created and owned by Administrator v0n, to which access for any Administrator on the machine was revoked Elevated Administrator v0n, (that includes access denied for the Administrator v0n himself), recursive or otherwise. Files in such dir are then invisible to regular search, possibly invisible if you don't have "show all files" options clicked, be executable but non deletable, impossible to edit or check for any Administrator including owner. It's also easy, just using permissions to make such utility or prog to uninstall from control panel but not remove files other than entry in Programs and Features. This is all because of the "any cardinal can be holier than pope" paradoxal user ladder in Vista.
Without UAC on at all, of course, you are absolute power, so you click it and delete it. With UAC silent you need to ask yourself for special permission to add yourself a right to change your rights to the folder and files you, yourself created then disallowed yourself any rights to by being your elevated self... emm... well... I think you get the picture. That kind of malarky just goes "whoosh" above typical user's understanding of things like a Tie Fighter in full combat mode.
So my advice still stands - if you must use the box as Admin then either have UAC on, and read what it wants, question the requests and act accordingly or be power player - have view all files and folders on and absolute power on the box just so you can wipe troublemaking stuff with ease.
you said *** software is not vista compatible when it is, it's the installer that isn't fully compatible !
