Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why does my application allow me to save files to the Windows and System32 folders in Vista?

I have an application written in Delphi 7 which does not require an admin privilages to run.

For some reason I am able to save files to c:\windows and c:\windows\system32 from within the application even though the application has not requested UAC elevation. I am logged in as an admin with UAC turned on and I haven't changed any of the default UAC settings. The files actually show up under Windows Explorer as well. I am not using the 'Run as Administrator' option.

If I try to do the same thing using WordPad under the same profile I get an error as expected.

Any ideas what is going on?

Th application is using Ole Structured Storage to save and includes the following manifest, if that helps.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
    <assemblyIdentity type="win32" name="DelphiApplication" version="1.0.0.0" processorArchitecture="*"/>
<dependency>
<dependentAssembly>
  <assemblyIdentity
    type="win32"
    name="Microsoft.Windows.Common-Controls"
    version="6.0.0.0"
    publicKeyToken="6595b64144ccf1df"
    language="*"
    processorArchitecture="*"/>
</dependentAssembly>
</dependency>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
            <security>
                    <requestedPrivileges>
                            <requestedExecutionLevel
                                   level="asInvoker"
                                   uiAccess="false"/>
                    </requestedPrivileges>
            </security>
    </trustInfo>
</assembly>

Edit: To be clear my application does not save anything to these locations by default. I am choosing these locations via the standard file save dialog.

Update

I have found out why my application was being treated as legacy despite including the above manifest. It turns out a 2nd manifest was also being included which did not have the 'trustInfo' section. I have removed this 2nd manifest and all is well now.

Thanks for all the help

like image 277
Jamie Avatar asked Dec 16 '08 09:12

Jamie


1 Answers

This is a feature of UAC to make old applications compatible with Vista. It redirects any request to write to a system folder that the user lacks permission to a local folder.

They are stored under "AppData\Local\VirtualStore" folder under the current user's profile. There is a group policy setting to disable this feature: "Virtualize file and registry write failures to per-user locations"

This file and registry virtualization features are designed to allow legacy applications to run under Windows Vista standard user accounts. Legacy application is defined as a 32-bit executable without a specific Vista manifest. If you provider a Vista manifest to decorate your application as Vista-compatible, this virtualization setting won't affect your application (as in your Wordpad example)

Mark Russinovich has a great article on this: Inside Windows Vista User Account Control

like image 65
mmx Avatar answered Oct 03 '22 23:10

mmx