|
|
|
|
- Overview
- Choosing a manifest
- Overview
- Manifest without specific privileges
- Manifest with maximum available privileges
- Manifest with administrator privileges
- Custom manifest
- Signing an executable
Creating an executable: Managing manifests
When running an executable, Windows Vista (and later) performs several checks regarding the rights of the current user via the UAC mechanism (User Account Control). The UAC mechanism is used to make sure that an application does not exploit the privileges of a user without his knowledge: each application is started with the least necessary rights. When running an executable, the system tries to assess the rights required by the application. For example, the system detects that the application requires Administrator rights if the executable name contains "setup" or "install". If the system establishes that the application requires specific rights, requiring to be administrator, the UAC is triggered: - If the user is administrator, Windows Vista (and later) asks for a confirmation.
- If the user is not administrator, Windows Vista (and later) asks for the administrator password.
This validation is requested whenever the executable is run. If an application is intended to be used in Vista (and later), you must check the operations performed by the application in order to define the requested level of rights. To specify the requested level of rights, all you have to do is include a manifest in your executable. The manifest is used to run the executable with the requested level of rights. You also have the ability to sign the executable. In this case, the window displayed by the UAC mechanism changes color. Reminder: If the executable must be signed, specify the certificate to use. This certificate must be on the Microsoft Store (more precisely on the user store and not on the computer store). The signature standard used is PKCS7. This signature is used to: - make sure that the executable has not been modified since it was generated.
- display the editor name in the Windows download window.
Remark: The executable creation is performed by expanding the icon and by selecting "Generate the 32-bit Windows executable (.exe)" or "Generate the 64-bit Windows executable (.exe)". Overview Different types of manifest can be included in an executable. Each type of manifest allows for a specific use mode of the application. The following paragraphs present the details about each type of manifest and when they should be used. The different types of users are as follows: - User: Windows user, with no specific rights
- Power user: Windows user with specific rights or belonging to a group with specific rights
- Administrator: User with management rights (domain administrator, local administrator, ...).
The table below presents the elements requested by Windows Vista according to the user and to the type of manifest used: | | | | | User | Power user | Administrator |
---|
Manifest without specific privileges | No confirmation | No confirmation | No confirmation | Manifest with maximum available privileges | No confirmation | Ask for confirmation (1) | Ask for confirmation (2) | Manifest with administrator privileges | Ask for administrator login | Ask for administrator login | Ask for confirmation (3) |
(1), (2), (3): If the application is started from another application for which UAC has already been validated, the confirmation window may not be displayed. Manifest without specific privileges Benefit: The user will be able to start the application in Windows Vista (and later) even if the name or the description contains some specific keywords detected by Windows Vista ("Install" or "Setup" for example) as requiring the administrator rights. No confirmation is requested when the application is started. Drawback: If the application performs operations that require specific privileges (write into the registry, write into the system directories, ...), these operations will fail and no error message will be displayed if no specific process of the error is performed by the application. The presence of the manifest cancels the redirection system of UAC. Manifest with maximum available privileges The "Manifest indicating that the application requires the maximum available privileges" option is used to start the application in Windows Vista (and later). The executable will be run with all the privileges associated with the user account that runs it. If the user is an administrator, a confirmation window will be displayed when running the executable.
If the user belongs to the "Power user" group, "Replicator" group or any other special group, the window for entering the administrator password will be displayed.
Manifest with administrator privileges The "Manifest indicating that the application requires the administrator privileges" option is used to start the application in Windows Vista (and later). The executable will be run with all administrator privileges. If the user is an administrator, a confirmation window will be displayed when running the executable.
If the user is not an administrator, a window for entering the administrator password will be displayed.
Custom manifest The "Custom manifest" option allows you to include a ".manifest" file of your choice in the executable. Remark: A ".manifest" file has a specific structure. Example of file: <?xml version="1.0" encoding="UTF-8" stand-alone="Yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="MyApp" type="win32">
</assemblyIdentity>
<description>Test application</description>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security xmlns:ms_asmv3="urn:schemas-microsoft-com:asm.v3">
<requestedPrivileges>
<requestedExecutionLevel level="requireAdministrator">
</requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly> Caution: The default manifest contains information such as how to display tooltips and how to use certain menu options. To find these features, the custom manifest must contain the following information: <dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="X86" publicKeyToken="6595b64144ccf1df" language="*" /> </dependentAssembly> </dependency> If the UAC is enabled in Windows Vista (and later), the signature of a WINDEV application triggers the display of a blue confirmation window (instead of orange windows). To sign a WINDEV application, you must contact a company for code signature. For example: Verisign, Thawte, ... These companies will help you install the certificates on Mobile or Smartphone devices. Remark: The wizard for executable creation is used to sign the WINDEV and Mobile executables. Simply select the desired certificate.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|