is it ok to store executables in programdata?

Question

is it ok to store executables in programdata or appdata? The result is that i can modify it (update it) without having to display the uac warning, but on the other hand so can any other application..

Note: It seems that google chrome is doing this.

Answer 1

The major advantage is that users without admin access can install software without admin permission. The major disadvantage is that users without admin access can install software without admin permission.

Answer 2

Although it is becoming more common to see apps installed in these locations (chrome, runonce, gtalk) - it is a security risk, and as Jonathan said - the benefit is also it's largest downside.

Many enterprises are now blocking apps from running from these locations. As more and more enterprises identify this as a gaping security hole, I'd expect more and more organizations to lock this down.

I think that your question: "Is it against the rules" is a subjective one. There is certainly room for debate, but it ultimately seems like a proactive decision to circumvent the intended security of the system. I personally would not install to these locations.