As mentioned previously, many legacy Windows applications were created so you could access parts of the file system and registry that are now locked in Windows Vista, and many of these applications are not being immediately updated. However, Microsoft has devised an interesting solution within Windows Vista to provide backward compatibility so that legacy software still works.
If legacy applications attempt to access protected portions of the file system and registry without the proper permissions, UAC virtualization services silently redirect read and write operations from protected portions of the file system and registry to unprotected user-specific locations. This process is transparent to legacy software and occurs automatically.
Virtualization Example
For example, take a legacy software application that attempts to write to a configuration INI file located in:
C:Program FilesSetup.ini
Windows Vista automatically detects that you do not have permission to save to that location. Windows Vista then copies the file (if it already exists) to:
C:UsersAppDataLocalVirtualStoreProgram FilesSetup.ini
Windows Vista then allows the write operation to succeed at the new file in the VirtualStore folder. Subsequent read and write operations for that file will always use the file copy located in the VirtualStore folder. However, the application will continue to believe that it is accessing the Program Files directory (see Figure 4).
Figure 4. Legacy software will believe it is accessing the Program Files directly while Vista silently redirects it elsewhere.
For most cases this solution is sufficient, but it is not perfect. Data that the application thinks is globally accessible now becomes private to the user and almost invisible to other applications unless they also have virtualization enabled (typically only other legacy applications). Some applications will see one file, and some the other. If the application later tries to delete the INI file, the delete will appear to succeed, yet the file will still exist in the Program Files directory and remain visible to the application. If it retries the delete, an access denied exception will be thrown.
Although the majority of legacy applications run with virtualization, it is a short-term measure, not a long-term solution. Microsoft has already warned that you should not depend on virtualization being a part of future Windows releases after Windows Vista.
Advantages of UAC
Leave a Reply