{"id":1173,"date":"2014-04-22T07:00:00","date_gmt":"2014-04-22T07:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/2014\/04\/22\/le-chateliers-principle-in-action-administrative-overrides\/"},"modified":"2014-04-22T07:00:00","modified_gmt":"2014-04-22T07:00:00","slug":"le-chateliers-principle-in-action-administrative-overrides","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20140422-00\/?p=1173","title":{"rendered":"Le Chatelier's Principle in action: Administrative overrides"},"content":{"rendered":"

Today we have another example of Le Chatelier’s Principle as interpreted by John Gall<\/a>: Every system resists its proper functioning.\n There was a video card manufacturer which was using the AppInit_DLLs<\/code> key so that they could inject their DLL into every process. I have no idea why. Perhaps to get a nice bonus<\/a>.\n In Windows Vista, the AppInit_DLLs<\/code> registry key was deactivated<\/a> for both engineering and security reasons. Oh no! Undeterred, the video card manufacturer issued an update to their driver so that in addition to adding themselves to AppInit_DLLs<\/code>, they also set the administrative override switch<\/a> that re-enabled the feature. Boom, they probably got a second bonus for that.<\/p>\n

Another lesson from this story is that if you provide an administrative override to restore earlier behavior, then you never really removed the earlier behavior. Since installers run with administrator privileges, they can go ahead and flip the setting that is intended to be set only by system administrators. <\/p>\n","protected":false},"excerpt":{"rendered":"

Today we have another example of Le Chatelier’s Principle as interpreted by John Gall: Every system resists its proper functioning. There was a video card manufacturer which was using the AppInit_DLLs key so that they could inject their DLL into every process. I have no idea why. Perhaps to get a nice bonus. In Windows […]<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[26],"class_list":["post-1173","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-other"],"acf":[],"blog_post_summary":"

Today we have another example of Le Chatelier’s Principle as interpreted by John Gall: Every system resists its proper functioning. There was a video card manufacturer which was using the AppInit_DLLs key so that they could inject their DLL into every process. I have no idea why. Perhaps to get a nice bonus. In Windows […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/1173","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=1173"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/1173\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=1173"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=1173"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=1173"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}