Vista's UAC outdated design?
My work machine has recently been "upgraded" to Windows Vista. I have an application which works flawlessly under Windows XP. One of the applications features is to generate reports to rtf file. When I attempt to do so Vista warns me that I cannot write to the users\documents folder because it is readonly.
Yes that is correct apparently Vista believes that the users own Documents folder, created by Microsoft for the purpose of writing data, cannot be written to by the user. Now the permissions are such that the user, administrators, system and network service all have full control of this folder.
Now the user is able to save files from this application to a network drive, and can create files from outside of this application to the user's documents folder, but combining the two fails.
However, if I disable UAC then I am able to write to the folder. Amazing UAC makes my personal documents folder readonly for some applications against my will...
UAC appears to offer even more irritation than simply making you click continue all the time when you are trying to use your computer. Now as an MCSE etc. I understand the purpose of security, but as a software developer I also understand UI design. It is well known that your standard OK Cancel buttons are ignored by the less competent users. These are the very users that UAC is attempting to protect. UAC quickly becomes an automatic and meaningless click.
Security needs to be practical. For example if your company implements a strong password policy, 8 digit alpha numeric, with uppercase and lower case required, that must be changes each month and cannot be the same as the last 12 used, well quite simply 2 things will happen, the IT department will have hundreds of "reset my password" calls, and users will write down their passwords on a piece of paper so that they can remember them. If someone just needs to read the password off a piece of paper it completely defeats the point of introducing strong password policy...the same is true of the UAC.
Yes that is correct apparently Vista believes that the users own Documents folder, created by Microsoft for the purpose of writing data, cannot be written to by the user. Now the permissions are such that the user, administrators, system and network service all have full control of this folder.
Now the user is able to save files from this application to a network drive, and can create files from outside of this application to the user's documents folder, but combining the two fails.
However, if I disable UAC then I am able to write to the folder. Amazing UAC makes my personal documents folder readonly for some applications against my will...
UAC appears to offer even more irritation than simply making you click continue all the time when you are trying to use your computer. Now as an MCSE etc. I understand the purpose of security, but as a software developer I also understand UI design. It is well known that your standard OK Cancel buttons are ignored by the less competent users. These are the very users that UAC is attempting to protect. UAC quickly becomes an automatic and meaningless click.
Security needs to be practical. For example if your company implements a strong password policy, 8 digit alpha numeric, with uppercase and lower case required, that must be changes each month and cannot be the same as the last 12 used, well quite simply 2 things will happen, the IT department will have hundreds of "reset my password" calls, and users will write down their passwords on a piece of paper so that they can remember them. If someone just needs to read the password off a piece of paper it completely defeats the point of introducing strong password policy...the same is true of the UAC.
Comments