What good is one-click deployment?

[Jim Hubbard]

By one-click deployment I mean the ability to click on an EXE located on a
server (internet or intranet) and run it locally.

Due to the default restrictions placed on such code (no file manipulation,
no registry manipulation, etc.) what can you accomplish with the code (other
than reading and writing to non-local databases)? Almost all functional
code requires access to the local file system.

I think that most software publishers will agree with me when I say that
asking a user to use the .Net GUI to change security permissions for your
application is a joke. For products written for the masses, this would lead
to mass confusion and dissatisfaction with your application.

People don't want to actually learn how Windows works, they just want to use
it to conduct business or write a letter or play a game or whatever. People
are busy and will frequently give up on installing software if it is
confusing to them.

I see no advantage to this model whatsoever, considering the aptitude of
most PC users.

I have just been reading up on this, and I haven't found an easy answer to
increasing the security settings for Internet Security Zone applications.

Am I missing something? Is there an easy way to set permissions for an app
or DLLs that run from an internet server?

Jim Hubbard

 

[John Vottero]

By one-click deployment I mean the ability to click on an EXE located on a
server (internet or intranet) and run it locally.

Due to the default restrictions placed on such code (no file manipulation,
no registry manipulation, etc.) what can you accomplish with the code
(other than reading and writing to non-local databases)? Almost all
functional code requires access to the local file system.

I think that most software publishers will agree with me when I say that
asking a user to use the .Net GUI to change security permissions for your
application is a joke. For products written for the masses, this would
lead to mass confusion and dissatisfaction with your application.

People don't want to actually learn how Windows works, they just want to
use it to conduct business or write a letter or play a game or whatever.
People are busy and will frequently give up on installing software if it
is confusing to them.

I see no advantage to this model whatsoever, considering the aptitude of
most PC users.

I have just been reading up on this, and I haven't found an easy answer to
increasing the security settings for Internet Security Zone applications.

Am I missing something? Is there an easy way to set permissions for an
app or DLLs that run from an internet server?

One touch deployment isn't intended for the Internet Security Zone. It's
very useful for intranets where you can define a security policy that gives
full trust to your local, private web server.

 

[Jim Hubbard]

Thanks for the answer.

IMHO, Microsoft has always done a crappy job of making security for the
average (non-technical) PC user.

Implementing security is great! But not when you lock people out of getting
the most from their PCs.

What would be cool is a permissions box that popped up for
internet-distributed one-click deployments that told the user what
permission the program was requesting (if it was requesting permissions not
granted in the internet security zone) and ask the user if they trust it
enough to give that permission to the application. An option to allow all
programs from the same Distributor using certificates would also be kinda
nice.

Thanks again!

Jim Hubbard