Application maifests and UAC

> Hello,
>
> You have the gist of it, although there are (of course) some
> exceptions.
>
> - 64-bit applications are never virtualized in this way
>
> - Only certain folders and registry keys are protected by
> virtualisation (%SYSTEMROOT%,
> %PROGRAMDATA%,%PROGRAMFILES%\(Subdirectories,
> HKEY_LOCAL_MACHINE\SOFTWARE [with some exceptions])
>
> - Binary files (.exe, .dll, .sys) are NOT virtualised
>
> - Only programs running in the context of an interactive user are
> virtualised, this excludes non-interactive processes (such as
> services) as well as kernel-mode code and code running under
> impersonation
>
> Other than that, if a program runs that has a manifest specifying a
> regquestedExecutionLevel, that program will NOT be affected by
> virtualisation, and it will fail if it attempts to access a
> folder/file to which it has no access.
>
> Otherwise, if the program has no manifest, and it attempts to write to
> a virtualisation-protected file or regisitry key and it is denied
> access, *AND* a program running with admin privileges would have been
> able to perform that write, then the file/key is virtualised to the
> application and the action succeeds.
>
> MORE INFO
>
> http://msdn2.microsoft.com/en-us/library/aa905330.aspx
>
> http://download.microsoft.com/downlo.../top10wave.exe
>
>
> --
> - JB
> Microsoft MVP - Windows Shell
>
> On Mon, 14 May 2007 01:36:01 -0700, Hasse
> <Hasse@discussions.microsoft.com> wrote:
>

> >Hi!
> >
> >Tell me if I got this right!
> >
> >If an application has an application manifest for Vista then folder and
> >registry vistualization is automatically turned off, and the application will
> >fail silently if elevation isn't requested in that manifest.
> >
> >If an application doesn't have a manifest, virtualization features are
> >activated and the application will succeed regardless of elevation or no
> >elevation.
> >
> >Are there exceptions from this behaviour?
> >
> >/H

>