"cquirke (MVP Win9x)" <
[email protected]>
Generally it is on HD permission, but not always. If the app/game is doing
less than wise things with protected parts of the registry then there is
nothing that can be done with regard the HD structure permissions
Fair enuff. There are quite a few custom-data accounting apps that
tuck their data within or under their base dir, and that also breaks
if it's not allowed to write to "Program Files".
In a nutshell there are a ton of unsafe apps out there since they were
developed for the 9x platform
Well, they were written for the 9x platform - understandable, given
that until XP, NT lagged behind in budled DirectX and user mass.
...and the vendors were never forced to program safely. Unsafe
being defined as wanting to alter either parts of the registry or parts
of the HD structure that an application has no business touching
Hm. I remember MS beating the drum for app vendors to dump in the
registry rather than use private config files, which IMO is not always
appropriate (causes needless bloat if there are no other apps on earth
that ever need to see those settings). I didn't hear much about
"write to HKCU but not HKLM" etc. at the time, or even now.
Same with "Program Files"; the push was to use it, rather than dumping
off C:\ (and I'm glad about that). From the Win9x side of the pond, I
never heard MS saying where to save data, through from the Win95 SR2
days on I was trying to scoop data into a common subtree for backup.
These same vendors never had a version of the software/game
that would run correctly on any NT kernel but since the target audience at
the time, for the most part, was running a wide open unprotected platform,
they didn't care. And since an admin class user is running mostly carte
blanc, they still don't care since the XP default is multiple admin class
users which is an unsafe mode of operation..
At present, limited accounts in XP Home are IMO too awful (and yes,
unsafe) to bother with - given that one is forced to accept dumb MS
duhfaults that have risk implications, such as hiding hidden files,
paths and file name extensions. You can only apply those settings if
the account is admin, and you cannot pre-apply them to the prototype
from which new accounts are created.
With those and other limitations in mind, I consider multiple or
limited accounts (and especially subsequently-spawned accounts) as
unfit for use. Let's hope the design improves with the next revision.
-------------------- ----- ---- --- -- - - - -
Running Windows-based av to kill active malware is like striking
a match to see if what you are standing in is water or petrol.