Why do Metro Style apps stop functioning if you disable the "Run all Admins in Admin-approval Mode" UAC rule?

    Question

  • In a dual-boot Windows 7/Windows 8 system with Hyper-V I disabled UAC to simplify system management and improve overall performance (otherwise you'll have to add permissions specifically for both users on all your drives in order simply to have access and ability to manage your own files and folders). I hope that Windows 8 (as well as Windows 7) is not designed for people or PCs who have just a single C drive and manage all their files within that %userprofile% folder.

    Prior to disabling UAC (it was more difficult to disable it in Windows 8, since you have to manually disable the "Run all admins in admin-approval mode" rule) I set DEP to be always on (not OptIn as is suggested for client systems), early malware detection to load only good drivers (not good and unknown as is WDP default), enabled integrity services in both systems, turned on HAL detection in both systems and set last known good configuration to be on at a bootmanager level. I have also changed sharing permissions from everyone to guest.

    Now I have improved system performance and better manageability BUT the only thing that's not working is Metro Style apps. I suppose they are not managed locally and that's OK.

    The only thing I can't understand is why UAC has become this "sacred cow" and we are all now being treated as little kids who are given just two choices with respect to Metro Style APPS: either don't be a master of your own PC or you won't have any Metro style apps.

    I believe this is a major issue. If these apps are so unsafe that one can't run them as Admin without own approval, then why offer them? If not, let's better make disabling DEP not an option instead of it being disabled by default in client systems while this monstrosity of childish UAC is enabled.

    Windows 8 is the greatest OS I've seen, but it may fail just because of this stupidity that current Metro Apps settings entail. Then give it to kids and let them play.


    Vladimir Shipitsyn

    Thursday, February 16, 2012 9:10 AM

All replies

  • Presumably because functionality in the Metro runtime sandboxing fundamentally requires the implementation of Mandatory Access Control, which is only available with the split tokens used in Admin Approval Mode.

    I'm not sure why people see this as such a big deal. As you yourself state, the correct solution for sharing files between multiple users is to ACL the filesystem appropriately rather than just blindly assume the Admin token will work. Given that every single mainstream operating system these days implements some variant of reducing the runtime privileges of "Admin enabled" users except in the scenarios when they specifically need them, it seems foolish to expect Windows to do any differently.

    To be honest I'm more surprised that Admin Approval mode can still be disabled at all, given the reliance on it within the OS. Hopefully that will be fixed in the forthcoming Customer Preview builds.

    Thursday, February 16, 2012 10:43 AM
  • My point was that Admin approval mode does not go along well with server features implemented in Developer Preview, especially with running Hyper-V core. It also becomes a hindrance if you're running a multiple-boot system (i.e. a system which has a single bootmanager for all operating systems loader entries).


    Vladimir Shipitsyn

    Friday, February 17, 2012 1:24 AM