On Nov 10 02:28, Christopher Faylor wrote:
> On Sat, Nov 09, 2013 at 06:30:50PM +0100, Corinna Vinschen wrote:
> >What changed is the way how normal users can install for "just them".
> >No name tweak but an option instead.  Given what you wrote, an
> >installation as normal user right from the net was not possible before,
> >so just the method to do it changed slightly.  By documenting it
> >somewhere, we should be all set, shouldn't we?
> 
> So, in other words, an end user will no longer have to rename setup*.exe
> to foo.exe to bypass enforced elevation but will, instead, just have to
> use a command-line option.  Sounds good to me.  We can add words for
> that to the install.html web page and to the FAQ.

Exactly what I had in mind.  I have some changes to setup-net.xml in the
loop.  I'll add some more to the FAQ and upload that next week.

Nevertheless, on second thought we *could* do more, if we want to,
now that we have our permissions completely under our own control.

Provided somebody has fun working on that stuff, what we could do,
for instance:

- Per the Microsoft UAC guidelines(*) the elevation prompt should not
  be shown at all if UAC is switched off.  The idea is to show a dialog
  instead, telling the user "this application requires admin privs,
  yada yada", but in fact our setup would run as normal user just fine
  if we let it.  See the next point.

- Right now setup simply exits if the elevation didn't work or was
  canceled.  What about a dialog instead, which asks the user something
  along the lines of "Elevation canceled" or "UAC turned off", and then
  "Setup can run without admin privs with some restrictions, are you
  aware of them and do you want to do that? [Yes/No]"

- This could be even more elegant if setup checks if the installer path
  in the registry is in HKLM.  If so, it could refuse to do its stuff
  without admin rights, because it knows that the original installation
  has been performed with admin rights.  Chances are high then, that a
  normal user won't have enough permissions to update the installation.

- Something we could have done all along (and which has been mentioned
  on the Cygwin ML): We could drop the "All users"/"Just me" choice if
  the user has no admin rights.  After all, the "All user" stuff can't
  be written anyway without admin rights.


Corinna


(*) http://msdn.microsoft.com/en-us/library/windows/desktop/aa511445.aspx

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat