× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. WDSCI-L
  3. September 2012

Re: Default directory

Jon, Joe,

Again, some more of just my opinion, yadda yadda,...

To me the fundamental problem is the protection implementation in Windows,
if it would just prevent update to the protected directories if you did
not have authority (like *nix operating systems) then I think it would be
fine. But the way it allows you to appear to write without error to them
but actually write to a shadow directory will lead you to think that
things worked ok (like applying an activation kit) when in fact it did
not.

What you want to do when installing or doing updates is to run with some
elevated permissions by using Run-As-Administrator *in addition to* using
an Id that is in the Administrators group. My understanding is that the
Run-As-Administrator action gives the process an additional token that
allows it to update the protected directories. You would need the
elevated permissions when using IM to install, update, license, uninstall,
etc. and you would need to run RDP with elevated permissions if you go to
use the Eclipse updater to install 3rd party plugins. I *think* that
the current versions of IM will request the elevation automatically but
older ones won't - not I don't have any doc to hand that backs this
statement up. The elevated permission is not required to just run RDP
normally.

Is this a good thing or a bad thing? I guess that depends. It is working
as intended in that you need to be an administrator to install/remove
software that is available to all users and it works for managed machines
where the user is not allowed to change the machine or product install.
You are certainly free to install in whatever directory you like but I
suspect that installing outside of the protected directories does make it
a little more available to the malware that Windows is trying to protect
you from.

Paul, I don't know of any reason why installing in one directory or
another would change the performance. Vanilla Eclipse will certainly be
faster as there is a whole lot less to start and run for sure.

Still all just my sleepy opinion on a Monday morning

Mike


Mike Hockings, M.Eng., P.Eng.
IBM Rational Developer for System z and Power Systems Software Technical
Support
IBM Canada Ltd. Laboratory
hockings@xxxxxxxxxx
voice 1-905-413-3199 T/L 313-3199 ITN 23133199


wdsci-l-bounces@xxxxxxxxxxxx wrote on 2012-09-16 12:27:00:

From: Jon Paris <jon.paris@xxxxxxxxxxxxxx>
To: wdsci-l@xxxxxxxxxxxx,
Date: 2012-09-16 12:27
Subject: Re: [WDSCI-L] Default directory
Sent by: wdsci-l-bounces@xxxxxxxxxxxx


On 2012-09-15, at 1:00 PM, wdsci-l-request@xxxxxxxxxxxx wrote:

Just my CDN$0.02, not the opinion of my employer, etc., etc...

The default install works exactly as intended, the product and config
is
in the protected directories and needs an administrator to modify it
yet
the product can be run by a user.

I'll take your Cdn$0.02 and raise you Mike.

I know it is _supposed_ to work this way but that was not my experience.

When I did an install using the defaults (it was my first on Win 7
and I had no clue what these funky directories were about) it didn't
perform as well as I had expected but I put it down to the VM
performance with Win 7. When I came to try to install updates it
would just blow up (something to do with being unable to delete
stuff if I recall). The messages indicated that I did not have
enough authority. Since I was the Administrator that was tough to
find a way round.

I searched various forums and posted questions here and the
suggestion I got was to avoid these "protected" directories and
reinstall in my own directory. Not only did this solve the update
problem but it seemed to run better.

Since then I have installed a couple of times for customers using
the defaults and in about 50% of the cases have experienced the same
problem, which again was cured by using a different directory. As a
result we now routinely advise customers to install in their own
directory (We usually call it IBM or RDP) because we see little
value in the protected directory status but we do see problems when
we use them.


Jon Paris

www.partner400.com
www.SystemiDeveloper.com




--
This is the Rational Developer for IBM i / Websphere Development
Studio Client for System i & iSeries (WDSCI-L) mailing list
To post a message email: WDSCI-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/wdsci-l
or email: WDSCI-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/wdsci-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.