Daily Archives: March 7, 2007

software development, windows

Visual Studio 2005: still needs admin rights on Vista?

2 Comments

It was good to see – at last – the release of Visual Studio 2005 Service Pack 1 Update for Vista.

I was hoping this update would remove the need to run Visual Studio 2005 with administrator rights on Vista. Unfortunately I don’t think it does. It’s hard to be sure; in fact, I can’t find any clear statement about what the “Update for Vista” actually does. Following the “more information” links on the download page is like playing the original Adventure game – a maze of twisty little passages, all alike – none of which tells you what you want to know.

Still, I note that the list of bad things which happen when you run with normal permissions still exists; so I’m presuming Microsoft still recommends using “Run as administrator” for Visual Studio.

I dislike doing this. I don’t develop on Linux as root, nor on the Mac – why should it be needed on Windows? I realise that some things need local admin rights for good reasons – registering a COM DLL, for example – but I don’t see why I should have to run the entire IDE as admin just for the sake of those few activities.

How dangerous is it? I presume it’s no worse than running as admin on XP, for example, but it’s pretty bad. For example, I checked out what happens with online help if you use “Run as administrator” to start Visual Studio. Help opens in a separate application called Document Explorer, which embeds Internet Explorer to render the online documentation. As I expected, if you open this from Visual Studio’s Help menu it runs with elevated rights. Naturally, the docs include links to external web sites. What if you right-click one of these and choose “Open link in external window”? The site will open in IE, but take a look at bottom right. “Protected mode off”. In fact, IE is now running with a high integrity level, just like Visual Studio. Nothing to stop you browsing the web from here, probably not realising you are more at risk than usual.

It’s crazy to be reading documentation and browsing the web with full admin rights, just to keep Visual Studio happy.

I intend to try running Visual Studio as a normal user and see how it goes. I reckon it will work for some projects at least.

Note: if you want to see the integrity level of the processes on your system, download the latest Process Explorer. You’ll need to select the Integrity Level column. The ins and outs of UAC and the extent to which it protects you are discussed in Mark Russinovich’s blog entry on the subject.

 

Technorati tags: , , ,
internet

Find the top ten of anything

1 Comment

This is skeletal right now, but knowing how much time we waste spend debating which is the best in this or that category (operating system, band, album, football club, office document XML schema, blog, breadmaking machine) it strikes me as a winning concept.

Top 10 Central is entirely user-driven and lets you create and vote on entries in top ten lists.

I’ve just contributed the top ten best ways to make coffee.

If it catches on it could evolve into something that is fun and occasionally useful as well.

Disclaimer: Top 10 Central is by Matt Nicholson, a friend and also the editor of dnjonline.com; I write for Matt from time to time.

 

Technorati tags: