dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1082
claudiubotez
join:2009-06-28

claudiubotez

Member

UAC in Win7 Pro 64

Hi,

If I set UAC to max in Win 7 64 pro 64, where can I find a "list" with ALL actions which will triger UAC popup?

Thanks,
Claudiu
Jasu
join:2010-01-09
Finland

Jasu

Member

I don't know about the list but UAC popup triggers everytime you need administrator privileges.
claudiubotez
join:2009-06-28

claudiubotez

Member

OK, so now I can reformulate my question:
Where can I find a "list" with ALL actions which require administrator privileges?

Thanks,
Claudiu
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

You can't have a complete list, since the amount of software in the world is infinite. Even for just Windows-supplied software, the amount of software is very large.

==
Why do you demand a list? Consider this rule of thumb: it is "administration" if it affects more than the current user. Isn't it easier to deal with a rule rather than an enumeration?
Jasu
join:2010-01-09
Finland

Jasu to claudiubotez

Member

to claudiubotez
I don't know enough about Windows to answer this. dave already provided a good rule. Anyway, I give a try. Please correct my if I'm wrong.

Any changes to windows and program files directories require admin rights by default. Windows registry changes may require admin rights also. This list should already be quite complete as most of the settings are saved in registry.
claudiubotez
join:2009-06-28

claudiubotez to dave

Member

to dave
Hi Dave,

I want a list with ACTIONS which will prompt UAC set on max , not a list of all softwares...
In fact I want to compare UAC on max with a HIPS to see if makes sens to keep looking for a HIPS in 64bit or I should be happy with UAC set on max.

Thanks,
Claudiu

amazingm
Premium Member
join:2001-07-16
USA

amazingm to claudiubotez

Premium Member

to claudiubotez
I believe these provide what you're looking for:

»windows.microsoft.com/en ··· settings

»en.wikipedia.org/wiki/Us ··· C_prompt
dave
Premium Member
join:2000-05-04
not in ohio

dave to claudiubotez

Premium Member

to claudiubotez
There is only one action, really - running a program that is marked (by its programmer) as needing admin-level access.

Which is what the MS article really says:

User Account Control (UAC) notifies you before changes are made to your computer that require administrator-level permission.

Perhaps some technical explanation might help:

The OS has always(*) implemented permissions on objects and privileges on accounts. Some objects have permissions only grant access to admins; some operations inherently require privilege. Prior to UAC:

1) If an admin attempted a system call involving some sort of protected/privileged access, it would be allowed.

2) If a non-admin attempted the same thing, the call would fail, and the program could handle the error or not, as it chose.

Was there ever a list of programs that contained system calls needing elevated access? I doubt it.

With UAC, the admin sort of looks a lot like a non-admin. But in addition, UAC permits a program to declare, before it is run, that it needs elevated access. This is where prompting and/or quiet elevation can occur, depending on whether you're signed on as an admin or not.

(Programs that do not carry the requisite declaration will just get
executed in the unprivileged context and likely fail as per (2) above)

Doesn't help you with getting a list; I'm just explaining why I don't think you'll find such a list. I could be wrong, though.

(*) I speak only of the Windows NT line of descent, not the DOS/Windows family.

norwegian
Premium Member
join:2005-02-15
Outback

2 edits

norwegian to claudiubotez

Premium Member

to claudiubotez

In fact I want to compare UAC on max with a HIPS to see if makes sens to keep looking for a HIPS in 64bit or I should be happy with UAC set on max.

I think here your comments almost answer which direction you need.

UAC, no matter whether set to default or max, will always alert more to processes starting than HIPS or any type of similar program. UAC does not white list software, so it will always prompt more than a third party software, if that may be a decider on your choice - it comes back to what needs admin rights, and whether you want alerts every time it starts - you would expect some software can alert to changes, even if it is white listed for running.

Note 1:
However there may be still exploits written for the software you choose to run if you turn off UAC altogether or something of that nature.
Note 2: 64 bit may also have other issues with exploits, rumor suggests 64 bit is not as solid yet as it could be. I can be feed to the lions on that view, or someone may expand on it, everyone has their own view.

Which brings us back to 'your choices'; they will not be the the same view as many here, but who is to say you are wrong in the choices you want and make for your needs.
Mister_E
join:2004-04-02
Etobicoke, ON

1 edit

Mister_E to claudiubotez

Member

to claudiubotez
I believe the OP was hoping that UAC would generate a 'white list' of programs that were (previously) allowed with the thought that running a program again wouldn't generate the prompt.

Unforturnately, UAC doesn't work that way and will prompt each time a admin program triggers it.

(although there are programs (this one is Vista only - not Win7) that can modify/enhance(?) UAC to work in that manner, eg. - probably others as well)

edit: re-read the thread, I changed my mind - I don't think this is what the OP meant..looks like he wanted a list of what triggers UAC. Sorry.
wat0114
Premium Member
join:2012-02-20
Calgary, AB

wat0114

Premium Member

Comparing UAC to a HIPS is apples to oranges. They are completely different technologies. The only action that triggers UAC, especially at "Always Notify" (Maximum) is the attempted launching of executables that requires administrative elevation.

UAC is also used to for file and registry virtualization of 32 bit legacy apps, as well as to enable protected mode in Internet explorer.

From the following:

technet.microsoft.com/en ··· uac.aspx
quote:
The primary goal of UAC is to enable more users to run with standard user rights. However, one of UAC's technologies looks and smells like a security feature: the consent prompt. Many people believed that the fact that software has to ask the user to grant it administrative rights means that they can prevent malware from gaining administrative rights. Besides the visual implication that a prompt is a gateway to administrative rights for just the operation it describes, the switch to a different desktop for the elevation dialog and the use of the Windows Integrity Mechanism, including User Interface Privilege Isolation (UIPI), seem to reinforce that belief.
As we've stated since before the launch of Windows Vista, the primary purpose of elevation is not security, though, it's convenience: