I have an application written in Delphi 7 which does not require admin privileges to run.
For some reason I am able to save files to c:\windows and c:\windows\system32 from within the application even though the application has not requested UAC elevation. I am logged in as an admin with UAC turned on and I haven't changed any of the default UAC settings. The files actually show up under Windows Explorer as well. I am not using the 'Run as Administrator' option.
If I try to do the same thing using WordPad under the same profile I get an error as expected.
Any ideas what is going on?
The application is using OLE Structured Storage to save and includes the following manifest, if that helps.
    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
      <assemblyIdentity type="win32" name="DelphiApplication" version="1.0.0.0" processorArchitecture="*"/>
      <dependency>
        <dependentAssembly>
          <assemblyIdentity
            type="win32"
            name="Microsoft.Windows.Common-Controls"
            version="6.0.0.0"
            publicKeyToken="6595b64144ccf1df"
            language="*"
            processorArchitecture="*"/>
        </dependentAssembly>
      </dependency>
      <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
        <security>
          <requestedPrivileges>
            <requestedExecutionLevel
              level="asInvoker"
              uiAccess="false"/>
          </requestedPrivileges>
        </security>
      </trustInfo>
    </assembly>
Edit: To be clear my application does not save anything to these locations by default. I am choosing these locations via the standard file save dialog.
Update
I have found out why my application was being treated as legacy despite including the above manifest. It turns out a 2nd manifest was also being included which did not have the 'trustInfo' section. I have removed this 2nd manifest and all is well now.
Thanks for all the help
This is a feature of UAC to make old applications compatible with Vista. It redirects any request to write to a system folder that the user lacks permission for to a local folder.
They are stored under the "AppData\Local\VirtualStore" folder under the current user's profile. There is a group policy setting to disable this feature: "Virtualize file and registry write failures to per-user locations".
These file and registry virtualization features are designed to allow legacy applications to run under Windows Vista standard user accounts. A legacy application is defined as a 32-bit executable without a specific Vista manifest. If you provide a Vista manifest to decorate your application as Vista-compatible, this virtualization setting won't affect your application (as in your WordPad example).
Mark Russinovich has a great article on this: Inside Windows Vista User Account Control
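An added example (not from the question or the answer): a heuristic Python check for the situation in the update, where an executable carries a second manifest that lacks the trustInfo section. The raw-byte scan, the function names and the sample bytes are assumptions constructed for illustration; the scan relies on manifests being stored as plain XML text inside the file.

```python
import re
import xml.etree.ElementTree as ET

# Heuristic: locate every <assembly>...</assembly> blob in the raw file bytes.
# "\b" keeps "<assemblyIdentity" from being mistaken for the root element.
MANIFEST_RE = re.compile(rb"<assembly\b.*?</assembly>", re.DOTALL)

def execution_levels(data: bytes):
    """One entry per embedded manifest: the requestedExecutionLevel 'level'
    value, or None when the manifest does not declare one."""
    levels = []
    for match in MANIFEST_RE.finditer(data):
        try:
            root = ET.fromstring(match.group(0))
        except ET.ParseError:
            levels.append(None)  # unparseable manifest: treat as undeclared
            continue
        level = None
        for elem in root.iter():
            # Compare local names so the asm.v2 and asm.v3 namespaces both match.
            if elem.tag.rsplit("}", 1)[-1] == "requestedExecutionLevel":
                level = elem.get("level")
        levels.append(level)
    return levels

def audit(data: bytes) -> str:
    """Summarise whether any embedded manifest lacks requestedExecutionLevel."""
    levels = execution_levels(data)
    if not levels:
        return "no manifest found"
    if None in levels:
        return "manifest without requestedExecutionLevel present"
    return "ok"

# Constructed sample input: stand-in bytes for an executable with two manifests,
# one shaped like the manifest in the question and one without trustInfo.
WITH_TRUST = (
    b'<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">'
    b'<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security>'
    b'<requestedPrivileges>'
    b'<requestedExecutionLevel level="asInvoker" uiAccess="false"/>'
    b'</requestedPrivileges></security></trustInfo></assembly>')
WITHOUT_TRUST = (
    b'<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">'
    b'<assemblyIdentity type="win32" name="DelphiApplication" version="1.0.0.0"/>'
    b'</assembly>')
SAMPLE_EXE = b"MZ\x90\x00" + WITH_TRUST + b"\x00" * 16 + WITHOUT_TRUST

if __name__ == "__main__":
    print(execution_levels(SAMPLE_EXE), "->", audit(SAMPLE_EXE))
```

To check a real build, pass the bytes of the executable (for example `open(path, "rb").read()`) to `audit`; a result other than "ok" means the manifests linked into the binary deserve a closer look.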