{"id":13323,"date":"2010-07-26T07:00:00","date_gmt":"2010-07-26T07:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/2010\/07\/26\/why-didnt-windows-xp-auto-elevate-programs-beyond-those-named-setup-exe\/"},"modified":"2010-07-26T07:00:00","modified_gmt":"2010-07-26T07:00:00","slug":"why-didnt-windows-xp-auto-elevate-programs-beyond-those-named-setup-exe","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20100726-00\/?p=13323","title":{"rendered":"Why didn&#039;t Windows XP auto-elevate programs beyond those named setup.exe?"},"content":{"rendered":"<p>Commenter J-F has a friend who wonders <a href=\"http:\/\/blogs.msdn.com\/oldnewthing\/pages\/407234.aspx#1621407\"> why Windows&nbsp;XP didn&#8217;t auto-elevate all installers<\/a> but rather only the ones named setup.exe. (Perhaps that friend&#8217;s name is <a href=\"http:\/\/blogs.msdn.com\/oldnewthing\/pages\/407234.aspx#1719264\"> Josh<\/a>, who repeated the question twelve days later.)\n Remember what the starting point was. In Windows&nbsp;2000, <i>nothing<\/i> was auto-elevated.\n Before adding a feature, you have to know what problem the feature is trying to solve. The problem is improving the experience for non-administrators who want to install software. When they try to install a program and forget to use the <i>Run as<\/i> feature, then instead of proceeding halfway through the installer and then getting an <i>Access denied<\/i> error, do the <i>Run as<\/i> for them automatically.\n Knowing whether the user is running an installer that requires elevation requires a degree of semantic analysis beyond what you want to add to the <code>Create&shy;Process<\/code> code path. Hey, here&#8217;s a program called <code>PRONT4.EXE<\/code>. Is it an installer? Turns out that it is. And then there are the programs that might be installers, depending on what other command line switches you provide.\n Given that you&#8217;re reduced to a heuristic, you have to decide what the acceptable rates of false positives and false negatives will be. If you guess wrong and think a program requires administrator privileges when it doesn&#8217;t, then you&#8217;ve screwed over all the non-administrators who want to use the program. &#8220;I used to be able to run this program, but now when I try, I&#8217;m asked for the administrator password, which I do not know. Windows broke my program.&#8221; The effect of a false positive is <i>My program stops working<\/i>.\n On the other hand, if you fail to detect a program that requires being run with administrator privileges, the behavior is the same as before: The user gets an <i>Access denied<\/i> error. The effect of a false negative is <i>No change<\/i>.\n Given that the cost of a false positive is huge and the cost of a false negative is zero, you can see that the math says to use a conservative heuristic. The heuristic is that a program named <code>setup.exe<\/code> will be treated as an installation program, and nothing else.\n Windows was under no obligation to auto-detect installation programs. Indeed, according to the strict interpretation of operating system design, it <i>shouldn&#8217;t<\/i> do this. If the user says to run this program at the current privilege level, then you darned well better run the program with the current privilege level. The treatment of programs named <code>setup.exe<\/code> is really just a compatibility hack, a courtesy to make your life a little bit easier.\n It&#8217;s a case of giving somebody five dollars and being asked <a href=\"http:\/\/blogs.msdn.com\/oldnewthing\/archive\/2008\/03\/10\/8080067.aspx\"> why you didn&#8217;t give them ten<\/a>.<\/p>\n<p> Starting in Windows&nbsp;Vista, applications can specify via a manifest whether they want to run at the privilege level the user requested (<code>requested&shy;Execution&shy;Level level=\"as&shy;Invoker\"<\/code>) or always to elevate to administrator (requestedExecution&shy;Level level=&#8221;require&shy;Administrator&#8221;). Hopefully, all new applications will specify their elevation requirements explicitly, and the heuristic will be necessary only for old programs. &shy;e&gt;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Commenter J-F has a friend who wonders why Windows&nbsp;XP didn&#8217;t auto-elevate all installers but rather only the ones named setup.exe. (Perhaps that friend&#8217;s name is Josh, who repeated the question twelve days later.) Remember what the starting point was. In Windows&nbsp;2000, nothing was auto-elevated. Before adding a feature, you have to know what problem the [&hellip;]<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[26],"class_list":["post-13323","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-other"],"acf":[],"blog_post_summary":"<p>Commenter J-F has a friend who wonders why Windows&nbsp;XP didn&#8217;t auto-elevate all installers but rather only the ones named setup.exe. (Perhaps that friend&#8217;s name is Josh, who repeated the question twelve days later.) Remember what the starting point was. In Windows&nbsp;2000, nothing was auto-elevated. Before adding a feature, you have to know what problem the [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/13323","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=13323"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/13323\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=13323"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=13323"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=13323"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}