Does OSS 7.5.2 need Win7 UAC?

[rbell6]

I've encountered a problem with Win7 UAC always flagging attempts to execute code with expired code signing certificates. Due to the lack of fine grain security controls it seems that the only practical solution is to disable UAC !!

I am therefore interested in finding out if anyone has already investigated the extent to which OSS on Win7 relies on UAC so as to avoid duplication of action.

[KenW]

There are ways to disable certain programs form uac, but you have to have PRO and up. I disabled uac from day one, but I am the only one using my computers.

[rbell6]

Just to close off, I have turned UAC off (set the slider control to its lowest position) and have had no problems reported either from Windows 7 (Starter & Pro) or OSS.

KenW, whilst there are ways to disable certain features of UAC, there is no fine grain control, so UAC can never 'learn' like OSS that I the user trust a specific application and therefore just let it get on with it's task. Neither does it allow me to ignore particular classes of warnings - such as expired code signing certificate.

[KenW]

UAC is just a Catch-All/Everything part of Win 7 and is only needed by people with half a brain or less. LOL
When I started to upgrade to Win 7 and install programs, UAC would ask. Ok it's a new install. But when it asked when I ran that program every time, I knew it was time to turn it off and put my trust in my antivirus and anti malware programs.

Just the "happyness of Windows"

Cheers

[KronckeW]

i also have disabled UAC. one of the more annoying and intrusive 'features' of vista that was carried over to win7. OSS's anti-malware and HIPS features are enough for me.

[Escalader]

i also have disabled UAC. one of the more annoying and intrusive 'features' of vista that was carried over to win7. OSS's anti-malware and HIPS features are enough for me.

Does this mean you run under the admistrator mode? That's what I do and I turned off UAC as well.

[KronckeW]

yes, i run logged in under an admin account, but not the 'administrator' account. all accounts have strong passwords & 'guest' account is disabled. i am a bit old school in that i think i should have access to all the files and settings on my own pc.

[Escalader]

I am the same. I have 1 account with admin powers and a strong password.

[rbell6]

Does this mean you run under the admistrator mode?

Not quite sure what you mean by 'administrator mode'. My normal system configuration is as per normal good practise: separate user account and admin account. With the user account having standard/normal user access permissions etc. and the admin account also having a password only known to IT admin (ie. myself).

My problems arose because my connection manager's code signing certificate had expired, for this event UAC will give a warning requiring user acknowledgement regardless of user account privileges; since the connection manager runs directly after user login to determine locale and enable the correct profile, it was a very obvious and irritating change in system behaviour.

Also UAC does not normally report such events to the Windows event log and I've not found a way to turn on such event logging, making UAC event determination and troubleshooting interesting ...

[KronckeW]

rbell6,

pretty sure he/we mean we use a user account with local administrator privileges. we also turn off uac because of reasons like yours. as we are both aware of the security implications, which are essentially duplicated in OP anyway, we turn it off to give us greater control over our own pcs. it's irritating and patronizing when microsofty makes these decisions for us 'for our own good'.