|
|
On 6/29/2017 8:19 AM, clipka wrote:
> As I said: I think it is reasonable to expect you to already /know/ such
> stuff, given that you've deliberately chosen to set up a separate admin
> account. If you've been unaware of the associated pitfalls until now,
> blame it on the person who recommended to you that you should go that
> route - /they/ should have informed you about the side effects of that
> procedure.
>
Having separate admin and limited user accounts is probably one of the
most important best practices on Windows, and is one of the cornerstones
of the concept of "least privilege". The fact that you don't know this
as a professional after 20+ years amazes me.
https://social.technet.microsoft.com/wiki/contents/articles/1510.best-practices-using-a-separate-account-for-admin-tasks.aspx
http://www.lbmcinformationsecurity.com/blog/are-your-administrators-using-admin-accounts-for-everything
>> Suggesting that a user log in as admin every time just to use a
>> non-critical graphics program sounds like a pretty stupid risk to me.
>> And going into Control Panel and changing the access level of a person's
>> user account just to install or uninstall one piece of software makes
>> POV-Ray look like a special snowflake at best, and malware at worst.
>
> You do know that the issue of admin vs. non-admin account has been
> addressed by the User Access Control mechanism? You know, the thing that
> pops up a dialog each time a program does something that needs admin
> rights, even if the current user /is/ an admin.
>
There is no Access Control popup during installation. All you get is a
generic error regarding "agpl-3.0.txt". There is also no Access Control
popup when trying to access the include files. You are simply denied
access to that folder.
Mike
Post a reply to this message
|
|