Mon 2 Apr 2007
1 Comment - Post Your Own
Along with Vista’s UAC security infrastructure Microsoft implemented something very clever, but has caused administrators and Perl coders frustration: User File and Registry Virtualization.
The concept of UAC (http://www.roth.net/blog/index.php/2007/04/02/vista-and-user-account-control-uac/) Â is useful since it places finer control over what non-administrators can and cannot do. One of the core tenets of UAC is that a non-administrator should not be able to make changes that impact other users. For example if I make changes to an application’s settings they should only impact me, not other users of the computer. To accommodate this non-administrative access Vista virtualizes access by creating an alternate location for files and registry keys. The OS tries very hard to make this seamless so when an application tries to access a file or registry key it is redirected to the user’s virtual storage area.
In general this virtualization works, however for technical folk who want to access files directly they may be surprised to find the files are “missing”. Let say, for example, you want to manually edit an application’s configuration file. If the application was installed in the “Program Files” directory you may expect to find the fileÂ at C:\Program Files\MyApp\MyApp.cfg. But the file is really located in the path C:\Users\userID\AppData\Local\VirtualStore\Program Files\MyApp\MyApp.cfg.
Since many Perl scripts make assumptions on where files are located this virtualization can kill a perfectly working script. For example consider the following script:
02. print < FILE >;
03. close FILE;
04. unlink( “C:\\Program Files\\MyApp\\test.txt” );
05. open( FILE, “< C:\\Program Files\\MyApp\\test.txt" );
06. print < FILE >;
07. close FILE;
08. unlink( “C:\\Program Files\\MyApp\\test.txt” );
Even though the script itself is silly (who would really want to delete a file then try to open it again?) it illustrates the problem ofÂ file virtualization. LinesÂ 1-3 will result in displaying the contents of C:\Users\userID\AppData\Local\VirtualStore\Program Files\MyApp\test.txt. Line 4 will then delete that file. Since the user’s virtualized file has now been deleted lines 5-7 will resort to displaying the contents of C:\Program Files\MyApp\Test.txt. Since the user is not an administrator line 8 will then fail to delete the file C:\Program Files\MyApp\Test.txt. Of course, if you run the script in an elevated process (runas Administrator) then lines 1-4 perform their tasks on C:\Program Files\MyApp\test.txt and lines 5-8 fail since line 4 really did unlink the file. In other words, no virtualization will occur for the Administrator.
The registry exposes similar virtualization functionality. Details on User Virtualization can be found in Microsoft’s KB article 927387: http://support.microsoft.com/kb/927387
One Response to “Vista and User Virtualization”
Leave a Reply
You must be logged in to post a comment.