The Great UAC Debate!

[De.Bug]

UAC still doesn't remove the need for AV software though.

Very true.

[Brian Veteran]

You can configure the admin approval mode prompt (the prompt given to administrator users) to always ask for credentials if you really want to, but what's the point.

When you say "Unix," I'm going to assume you only mean OS X and the handful of popular Linux distros that come preconfigured with a sudo setup since it's otherwise a meaningless umbrella term for a whole host of OSes which can't be grouped as one.

Anyway, I would speculate that the reason it's configured to prompt for your password there is for security reasons. I suspect the sudo prompts (and whatever frontends exist for them) are not secure and could easily be bypassed. Windows deals with this by prompting on a separate desktop running in a separate session so it can't be manipulated, while OS X and the Linux distros deal with it by prompting for a password. There is also a subtle technical difference in what sudo and Windows do. Sudo substitutes users, in other words runs a program as a separate user. Windows runs the program as the same user but with a different security token.

Ah okay! I can't admit that I've understood it properly before your explanation.

[hdood]

Wrong. If you get a virus and you have UAC on your computer will be safe. The virus won't be able to touch your system files or the other accounts on your system. Your account will be attacked by the virus, but any other accounts on the machine will be safe. If you turn UAC off and you get a virus your f*****.

What other accounts? Like most other people I only have one. All my data is accessible from it, as are my programs and the internet. Malware could steal all my files, spy on me, and make me part of a botnet without ever needing administrator access. It could also ride along with a legitimate elevation request and trick me into elevating it. UAC is in no way a substitute for antimalware and common sense.

[halcyoncmdr]

Wrong. If you get a virus and you have UAC on your computer will be safe. The virus won't be able to touch your system files or the other accounts on your system. Your account will be attacked by the virus, but any other accounts on the machine will be safe. If you turn UAC off and you get a virus your f*****.

And what happens if you click allow on that UAC prompt when the malware asks for elevation? It then has access to everything it would have had with UAC turned off. UAC is no security feature. Really it is just a means to inform the user when an application is requesting admin access on the system. IF the user allows it access when prompted then there is no real difference than having UAC turned off.

UAC will limit the damage however if you don't allow access, and that alone is the reason it should stay enabled. Even if you know what you are doing, there are other ways to prevent the many UAC prompts from appearing. For example, if copying a bunch of files in Explorer, simply open your explorer windows as an admin, and voila no UAC prompts because they are already running with Admin rights.

[BeerFan]

And what happens if you click allow on that UAC prompt when the malware asks for elevation? It then has access to everything it would have had with UAC turned off. UAC is no security feature. Really it is just a means to inform the user when an application is requesting admin access on the system. IF the user allows it access when prompted then there is no real difference than having UAC turned off.

Exactly. All it does it force users to make one extra click. And anyone in IT knows that the general user never reads the information in the prompt; they just click on "OK" and blame IT for the annoyance.

[Julius Caro]

Exactly. All it does it force users to make one extra click. And anyone in IT knows that the general user never reads the information in the prompt; they just click on "OK" and blame IT for the annoyance.

That's why the user wouldn't be an admin in the first place.

And without elevation, only user folders are accessible

[Seizure1990]

All you have to do is install to a folder other than Program Files, which is protected. No more prompts.

Wait, so you're saying that to keep my system more secure, I should instead install my programs in locations where they AREN'T protected from tampering? That doesn't make sense/defeats the purpose.

Wrong. If you get a virus and you have UAC on your computer will be safe. The virus won't be able to touch your system files or the other accounts on your system. Your account will be attacked by the virus, but any other accounts on the machine will be safe. If you turn UAC off and you get a virus your f*****.

It's a good thing I only silence it, not turn it off.

[Guest xiphi]

It's a good thing I only silence it, not turn it off.

While it's better to have it silenced rather than turned off, if a virus were to request elevation, it would be granted without your knowledge. Thus, infecting your whole system. IMO, it's better that I'm given the option deny an application access to my system. Although, if you're running as a Standard User on a day-to-day basis, none of that really matters.

[+Thom Vee Subscriber²]

Uh, it's not that simple. By that logic, if I were to install CCleaner outside of PF, I'd get no prompts. Which I know would not be true since the program itself specifically asks for elevation.

Correct me if I'm wrong, but it does that because it sometimes has to access system protected folders / files. Other older software (some games in my experience) like to write to the install folder, which is why the prompt appears. All I was suggesting is that if it is software you know will be safe, you can install it to another folder.

[wds7]

Exactly. All it does it force users to make one extra click. And anyone in IT knows that the general user never reads the information in the prompt; they just click on "OK" and blame IT for the annoyance.

+1 ...It's there to annoy you ..that's all ."...good-job...on that M$ ..

"That was the first thing i shut-off .."

[HawkMan]

+1 ...It's there to annoy you ..that's all ."...good-job...on that M$ ..

"That was the first thing i shut-off .."

Good job onb replying to a thread and not reading anything in it, and being another one of those who don't know what UAC is and think it's only the prompt which is only a very small part of UAC.

[Seizure1990]

While it's better to have it silenced rather than turned off, if a virus were to request elevation, it would be granted without your knowledge. Thus, infecting your whole system. IMO, it's better that I'm given the option deny an application access to my system. Although, if you're running as a Standard User on a day-to-day basis, none of that really matters.

Erm, I could be wrong, but I don't think the UAC activates for background tasks, only user-activated ones. At least, I can only assume so, seeing as I don't get UAC requests every 5 seconds for every system service or process that happens to go off at any time.

[ozgeek]

I have came to find another great use for UAC : Cancelling accidently started installers. I'm a clumsy person and tend to accidently double-click on programs stored on the desktop or starting random games on steam (this is not common just occasional).

[Seizure1990]

Doesn't it have an entirely separate dialog for that too, anyways?

[cooky560 Veteran]

I so rarely use new versions of Windows I have little to say on it, however I like the security that the mac auth option provides a UAC similar option like this:

After experiencing it I would support UAC staying in Windows, albeit with a few fixes. (I've heard various reports of some applications being able to hide from UAC in Vista at least, this may have been fixed)

[Wannes]

What is silencing UAC? I have it set so it won't dimm my desktop but it's still present.

[xxtechxx]

i never disable this feature of windows :)

it very useful.. we can know.. what the programs will be run :D

can prevent from running PUP in background processes

[cooky560 Veteran]

No-one answered my concern about how in tests some applications have managed to bypass UAC and gain elevated status, have some of the holes which allowed this in Vista been fixed?

[DaveBG]

UAC can save your ass from some viruses (basic ones) but will cause you much more personal mental problems. So i prefer it off.

[cork1958]

The SECOND thing I do with ANY computer I touch is disable this PITA POS "feature"

First thing I do is turn the machine on!!

If nothing else, this thing has helped me wreck more machines than saved me. Get so mad seeing it pop up, especially when on a laptop with out a mouse plugged in, that trying to click continue on it, I have screwed stuff up with those equally as irritating touchpads!

Glad to see that most users here run as admin and have never been saved by this POS, irritating technology!!

[ITFiend]

Erm, I could be wrong, but I don't think the UAC activates for background tasks, only user-activated ones. At least, I can only assume so, seeing as I don't get UAC requests every 5 seconds for every system service or process that happens to go off at any time.

You are correct if you mean that background tasks will not active a user UAC prompt. UAC flat out kills those. A great proof of this was psexec. If you wanted to install software silently, running that tool when Vista first came out required you used the true "Administrator" account credentials (UAC disabled by default), disable UAC for all administrators via Group Policy, or just disabled it system wide. Otherwise it went squish due to UAC.

[ViperAFK]

You are correct if you mean that background tasks will not active a user UAC prompt. UAC flat out kills those. A great proof of this was psexec. If you wanted to install software silently, running that tool when Vista first came out required you used the true "Administrator" account credentials (UAC disabled by default), disable UAC for all administrators via Group Policy, or just disabled it system wide. Otherwise it went squish due to UAC.

He's sort of right, in that services do not need UAC prompt, but a program has to install the service in the first place which does require a prompt. Programs like steam for example will use a background service, so installing games doesn't require UAC prompt.

[rafter109]

I manage a PC repair shop and find that a vast majority of the virus infections we encounter are on XP machines where UAC is not present. On the Vista and 7 machines that do get virus infections, they tend to be less severe. UAC is not a cure-all and was never intended to be. The purpose of UAC is to require user intervention when a program requires access to protected areas (Registry, program files, system files, etc.) The idea behind this is to get the user to stop and verify before allowing the program to run. While I would agree that there are times when UAC becomes obtrusive (you cant directly edit files in protected directories), in general it has become second nature. I have personally had it save me as well. I was checking the news one day and as the ads were rolling over I got a UAC prompt for privilege escalation on a randomly named exe. I was able to use the UAC prompt to stop it and run a full scan with my AV to ensure the virus did not infect my system. All said and done, anyone would be foolish not to use a quality internet security product whether or not you choose to use UAC. I'm sure this will probably start a war with the thrifty among us but free != quality, quite the contrary. None of the free AV products have solid detection and removal records across the multitude of testing labs.

[olger901]

I'm using it on Microsoft Windows 7. Not saying it sacred, but it does provide an additional layer of protection in some cases and doesn't cost that much reasons, so I don't see any reason why it shouldn't be there. In most business I generally configure it to ask for a password additionally, so if a user has local admin rights and forgets to lock his computer that another user can't start any application in Administrator mode without knowing the users password.

[ITFiend]

He's sort of right, in that services do not need UAC prompt, but a program has to install the service in the first place which does require a prompt. Programs like steam for example will use a background service, so installing games doesn't require UAC prompt.

Sorry, I phrased that poorly. I was only referring to background processes that execute through an interactive desktop user, not non-interactive system services.

Actually the Steam service only facilitates registry changes without UAC elevation on behalf of a game prior to its first launch, and maybe change some registry ACLS here and there if a game keeps preferences in the system hive (very rare with modern games). It also helps Steam update without UAC elevation. It does nothing else.

Now, far as the file system goes, installing games on Steam does not call on UAC because the Steam client installer alters the ACLS on the Steam directory (defaults to "%ProgramFiles%\Steam" or "%ProgramFiles% (x86)\Steam" based on your Windows architecture). This directory is set so the "Users" group always gets "Full Control" over everything inside. If you strip this ACL away, the Steam client can no longer function for limited users, but if Steam launches as an Administrator it will automatically add the ACL back and then limited users can use it again. (And this is why I slap the Steam directory with harsh AppLocker whitelist only rules; any user and any processes running as a user can insert code into the Steam directory)

At no time does Steam automatically bypass UAC for...

...launching a game.

...third party copy protection activation or deactivation.

...installation of third party redistributions such as PhysX, DirectX, OpenAL, etc.

All of those trigger UAC elevation.

Fun fact: If your logged in as a limited user and Steam calls on UAC elevation during first launch of a game, when you enter your admin credentials everything related to redists as well as the game itself will execute as your admin user. This normally only happens the first time ever you launch that game on that install of Windows. As a side effect, if the game places its save files in the user profile, all saves during that first launch go to the admin directory that UAC authenticated and not your limited user. If you played a lot during that first session, you then have to go find your saved games in that admin profile and transfer it to your limited profile.

UAC becomes much more beneficial if you are using it in conjunction AppLocker policies in Windows 7 or 8, and in Vista if you use the more limited Software Restriction Policies that AppLocker replaces. (Note that home edition of 7 doesn't get AppLocker, and only 8 Enterprise will get AppLocker which is why I've already moved back to using Windows Server as my desktop environment for 2012 Release Preview.)