Admin privs revisited...

Back with the old launcher, I found instructions for setting up CoH to run without admin privs. Basically, you could do this as long as you gave the CoH directory to a user account, at which point the updater could modify the game files without needing admin privs.

Without getting too far into "comparing to other MMOs" land, I will point out that I play other games which have updaters that are able to use the advanced technology of "files owned by the current user" in order to run without admin privs.

Is there any possible way to configure the new launcher to stick to modifying files/registry entries/etc. which are writeable/modifiable by the current user? Basically, the entire reason Windows has user accounts which are not admin accounts is so that you can set things up so that a user has sufficient privileges for that user's things, and doesn't need absolute power over the entire system. This is what, well, basically everything else I do that has updaters does.

If it can't be done, oh well, that's the point of a dedicated game machine. But it really seems like it ought to be possible, since it was perfectly possible with the previous launcher. (And with, well. Lots of other launchers and updaters.)

Obviously, if this has effects such as "other users will not be able to use the game", that's fine by me; there's a dedicated user account for playing the game. (Paranoid? ME? That's ridiculous. Who told you that?)

What OS are you running and where is your installation folder located

Vista and Win 7 will require elevation to Admin rights to write to the Program Files folder and its 32 bit equivalent and also to write to the registry under the HKLM hive

It's Windows 7.

With the old launcher, I went in on an admin account, and changed the ownership of the entire CoH folder to the games account -- this was enough to allow that account to write to that folder, and I never had admin troubles again, because the launcher never needed to do anything that required admin privs; it could, of course, write to a directory owned by the logged-in user.

I'm guessing the problem is the HKLM registry writes, and I was hoping there was some corresponding trick to allow me to do something like:

* Have the launcher use user registry, not machine-wide registry
* Otherwise bypass this

Because it really seems like giving a program that downloads and runs updated copies of other programs complete, total, and absolute access to every aspect of a machine is not the wisest first step in maintaining a secure environment. Software has bugs. I would rather run with the absolute minimum privileges necessary at any given time.

Can anyone tell me SPECIFICALLY what the launcher needs access to? According to MS, it is possible to give specific users write access to specific hunks of registry.

It's possible, I've messed with it a couple times. Process Monitor from sysinternals is helpful here, you can filter on *DENIED*.

Unfortunately the NC launcher seems to have some rather silly checks like "Directory is owned by current user and has full control over it" rather than, you know, just testing if it can write to it... So you'll have to give it to the individual user instead of the Games group, which is annoying.

The latest version of it has some other admin check I haven't been able to track down. It works, but pops up warnings and then tries to run NCAccess (which crashes). I just replaced NCAccess.exe with a simple program that does nothing, but it gets rid of the crashing at least.

Registry keys it definitely wants to be able to write to:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NCLauncher
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NCsoft
(on 32-bit Win7 this should be directly under SOFTWARE instead of under Wow6432Node)

I also just tracked down the other random issue I was running into. Believe it or not, it was a filename case-sensitivity problem. It had "C:\Games\CohTest" saved in NCLauncher\Config\Default\GamesAddendum.xml, but the actual directory is named CoHTest (with the capital H).

Changing it in the XML file, or just deleting that file and letting the launcher re-create it cleared that message right up. Now I have it running fine without admin rights.

Interesting! I don't have that NCLauncher thing in Classes. I do have some under Microsoft\Tracing in Wow6432Node, but they have longer names, like NCLauncher_RASM32PI or something similar (it's not on screen now so I can't spell it right).

I did notice that it WORKED anyway -- if I just said no, it launched CoH fine. But I still get the UAC prompt, so I must be missing something.

Note that I have allowed it to run a few times, so if it wanted to create that NCLauncher thing, it should have done so by now. So I have no idea what it wants to do, but being told "no" doesn't seem to prevent it from running the game.

ETA: Yes, I've been using "give the directory to that specific user", it seems like it's less trouble, and this isn't really a multi-human machine, just multi-account to try to mitigate the security stuff.

Hmm, how about under HKEY_CLASSES_ROOT?

If NCLauncher isn't there, it's possible that they've changed it since then.

I don't know if you'll ever be able to get rid of the UAC prompts. As far as I know, the launcher uses the API to request elevation directly, it's not that Windows is detecting it trying to access something.

If that is indeed the case, the only way to get rid of the prompt is do disable UAC entirely and run under a non-admin account (which is what I do on my systems).

Disabling UAC would create exactly the same problems, so far as I can tell, as running as admin.

So, I did an experiment.

I just tried clicking "No". Sure enough, everything works fine. The program does not actually need admin privs. It just requests them unconditionally because the nscoft launcher devs were lazy.

It depends how you disable UAC. If you disable UAC and then run as an administrator account, then yes, that's the same as running everything as admin.

What I do is disable UAC and then run as a standard (non-admin) user. That's roughly equivalent to leaving UAC on and unconditionally clicking NO every time UAC wants to elevate something. On the rare occasion I need to install something, I have a separate admin account I can log on using.

Oh, hey, that might be a viable alternative. I could do that -- I do have an admin account, after all.

I didn't realize that turning it off wasn't just the same thing as disabling security features. I'ma go fix that now! Since my admin account has set things up so that CoH runs without admin privs, I really have no reason to ever have them available.

ETA:

And NCAccess still prompts me to tell me that if UAC were enabled, I'd need to say yes.

This software is making me seriously consider removing all my credit card information from my account and going to time cards. The people who did this are not "bad at security"; that implies some kind of basic comprehension of the issues, with some mishaps along the way. No, these people have a kind of active hostility to the very concept of security going on.

Actually with UAC active even an admin account (except for the actual Administrator account) will run applications with its standard level token unless it is specifically granted elevation to use the admin token so even if you grant your standard account admin privileges UAC will still apply to it and by default will not apply those elevated privileges.

The Windows help claims (I don't know whether I trust it) that if UAC is off, admin accounts can always do everything, and non-admin accounts can never elevate privileges.

In any event, it turns out that all the claims that the launcher "needs" admin privs are 100% false. It doesn't need admin privs. It asks for them. Leaving things configured to always say "no" has not prevented it from working, including updating the game when patches come out, or updating itself.