WHAT'S IN THIS CHAPTER?
Thinking about how the UAC works
Working with the UAC
Adding UAC support to an application
The User Account Control (UAC) was a new feature with Vista — one that most users maligned as a terrible nuisance at best. Windows 7 has a toned-down version of the UAC that's less likely to cause woe. In fact, you can now tune the UAC to provide the right level of protection for your particular needs. Some users will still likely turn the UAC off because they view it as an annoyance. The UAC does provide useful functionality, however, and discussing it from a developer perspective is part of the goal of this chapter.
This chapter also examines two techniques you can use to elevate user privileges as needed. The UAC places restrictions on your application. Even if some users turn the UAC off, others will have it on, so you need to assume that all users have it turned on to ensure your application works on all systems. As shown in Chapter 10, even users who are part of the Administrators group will require privilege elevation at times in order to perform some tasks, so group affiliation is no longer enough to ensure that all applications work as intended at all times.
At one time, PCs were stand-alone machines and had no security issues to speak of. Yes, a PC could get infected by someone with a floppy, but even that form of infection required direct user interaction and was easily stopped by leaving the ...