I hope that people are not losing sight of the basic problem: If a Vista user selects the first option in the installer (see screenshot in my original post) then IrfanView is left in a state in which it thinks it can modify its own INI file, but it can't.

For the record, I agree with MItaly that if you want to do a portable installation, you should have to indicate that in the installer.

I think you are in to a philosophical argument here.
The State of Vista has a law that says you must always wear a seat belt. The State of XP allows a responsible adult to decide for themselves whether to wear one. Should car manufacturers fit a device that prevents you from starting the engine if you do not wear your seat belt, and should it behave differently in different States?
Some say that you should always wear a seat belt, and that anyone who does not wear one is not a responsible adult. Others maintain that you should always have freedom of choice, especially since Vista makes you have an air bag too to keep you out of trouble if you do ignore the law.
I don't want to tell anyone what they should believe, but I do think they should have enough information to understand the risks they take.

Hmm, apologize for not taking the Vista situation into consideration regarding my comment.
I guess I just get lost in understanding those imo silly user rights system path conditions to edit an ini file.
Now things even are becoming 'virtual'. Sorry, I will pass here.
It seems that installing IV in a non-default-directory should be considered the same as portable on a stick now. Well...

The guidelines may not have begun with Vista, but it sure has made us take them more seriously. My point was simply that the first option in the installer should still be available for directories other than Program Files. I think that is what everyone has been saying. I was not suggesting trying to put the INI in the program folder in Program Files. There is no point writing to it there, if it is a security risk. I think MItaly's reorganized setup method is a fine choice for most people. Despite the fact that you can write to Program Files in other OSs, I see no reason to do so, if it is not necessary and only causes problems.

However, what about the person who runs an isolated system and only uses trusted software? For instance, I initially obtained IrfanView from a software CD. If they do not have vulnerabilities, why shouldn't they be able to write to Program Files? And what if they don't need true user control? What if they want the same settings for their program for all user accounts? Is the answer to simply not install in Program Files?

It has not been my goal to understand Vista's enhanced security, as I do not run it. But, I am curious Mij, how would someone write to Program Files in Vista? How would you change the redirect in the IrfanView INI if it were there? Do you have to turn off UAC temporarily or what? Are file operations not write operations? I also don't see how you could do a silent install if you have to give permission.

We did have automatic seat belts at one time, but they were removed in favor of manual belts and an airbag. Still, the airbag without wearing a belt provides little safety, as they are meant to work together.

See it on the other side: why should they? For the application data there's a perfectly licit place, why should you put them elsewhere? Would you use a fork to cut a piece of meat?
They simply wouldn't use it.
In this case the INI file must go in %allusers%\<application data>\IrfanView; if it should be editable by every user its permissions must be explicitly set accordingly.

I think you've touched on the problem. People have been getting by with using one utensil. But, you're ultimately right, there really are no reasons to write in Program Files. Application Data is fine for every user.

Hi, Skippybox. As an administrator I can edit the IrfanView INI in Program files using Notepad with no trouble at all. If I looked at the permissions for that file it would show that I have full read, write and modify permissions but the ticks are shown in gray meaning that they must be "elevated" for me to use them. In this case the elevation is done automatically, I would not even know it had been done. The attachment shows what happens if I try to change the name to i_view32.bak though. That is the Vista pop-up box that some people complain about. I am being invited to elevate my permissions manually. If I press Continue another box will pop up. I cannot show you that because I cannot capture it. Vista has turned off all services that interact with the screen apart from the ones I need to click on to Continue. It is verifying that there is a real person out there. It is all to ensure that an unknown program (a virus perhaps) cannot get in there and cause havoc.

A program that Vista cannot certify runs only with standard user permissions even if launched by an administrator. There is no way that it can write to or modify anything in Program files. An installer has special permissions to place program and data files in the Program files area but even that cannot modify them once it has put them there.

Any clearer now?

Hello Mij,

Yes, it is getting clearer. Thanks very much for explaining it so well.

You cannot rename the i_view32.ini without manually elevating permissions, but you can save the file as i_view32.bak in Notepad, then delete the i_view32.ini, all with automatic permission? How does Vista differentiate between a person and a program when automatically elevating permission?

Even if your INI is properly redirected to another location, if a copy is still in Virtual Store they will always be ignored?

So, the only way left is to utilize some vulnerability in Windows itself?!

What programs are not certified and what permissions does a program have if it is certified? An installer cannot modify files it has put there, but it can remove them or any others?

If you must give manual authority, how does a silent install work? Why can't Vista detect that a real person started the installer instead?

So, does all of this mean on Vista, it is now safe to run a computer as an Administrator all the time?

For someone who does not want to understand Vista security you sure ask a lot of questions Skippybox. I only intended to reassure people that modifying the INI file in the Program files area is quite easy, and not to venture into areas I do not really understand. If you are interested there is quite a good article on this aspect of Vista User Account Control at http://technet.microsoft.com/en-us/l.../cc709691.aspx

As for silent installation I believe you must set the Installer program to Run as Administrator, which you can still do in Vista. The point of UAC however is that I have never yet had to let a program run that way and allow it do possibly nasty things unmonitored. When an Installer needs to have elevated security level it tells me what the program intends to do and asks me if I want to continue. It really is not the hassle that some people claim. If I installed Irfanview in my own User area or a Public area, and not in Program files, I would not expect to be asked for permission. If I was, I would be suspicious of what was going on.

Some still tell you not to. I do, UAC is a complete waste of space if you don't use it.

I know, but I must be realistic and look towards the future of Windows.
I'm sorry Mij, it was not my intention for you to step beyond your knowledge. The article you've provided should help resolve anything else. In fact Mij, you've answered the most important question. That is why I didn't find this whole topic to be such a big deal in the first place. Vista still let's you adjust or fix your install choice should you not like it.

You're right, UAC doesn't seem to be so much trouble at all.

Then what is their reason?

Thanks again, Mij.

I am trying to keep this thread from turning into a big conversation about Vista security. I reiterate my original complaint:

The IrfanView installer offers you an option that does not work properly on Vista: putting the INI file in "Program Files."

As I see it, there are two ways to deal with this problem:
1) If the user is running Vista, and trying to install into "Program Files," then disable the installer option to set the INI file folder to "IrfanView folder."
2) Change IrfanView itself so that it always installs user settings in the user's application data folder.

Many people in this thread have expressed that they do not want option 2, because they want to be able to create portable installations. So perhaps option 1 would be the best?

Hi Obloid,

I think most of us are in agreement that a change could and should be made to the installer based on the model MItaly has described (normal, portable, custom install). We either must wait for more support or hopefully a moderator will promote this to Irfan.

Still, if the "User's Application Data" folder is default and you use it, why is such a change truly necessary? How have you been impacted by an option you don't use? If you are referring to the INI redirect, I don't see this as going away.

Are you saying that many people who run Vista do not understand what the implications of using the Program folder are? Are you saying that they don't know how to adjust the INI's redirect later, if they don't want to use the user's application data folder? Why was Virtual Store created if it was not a valid method of handling issues for atypical users?

IMHO what Irfan has done is quite reasonable. The option in the Installer is labeled "Advanced" and the default is to put the .ini in Appdata (if you have elected to put the .exe in Program files). That should give enough guidance to someone who does not fully understand, to do the right thing. However you label the options people can misunderstand. Some of my friends thought that a "Portable" installation was what you put onto a Laptop.

Yes, Irfan could force people to choose the recommended option. Whether he should or not is what I described earlier as philosophical. I likened it to the car maker forcing you to wear a seat belt by fitting a device to prevent the car from starting if you don't. I do always wear a seat belt but I still like it to be my choice.

..and Skippybox, I likened the Virtual Store in Vista to the airbag. I am pleased I have got one but my intent is for it never to be used. It certainly does not influence my decision about whether to wear a seat belt.

Because that other option does not work properly on Vista, so it should be removed. Why should the installer give people an option to do something that doesn't work?

IrfanView is an immensely popular program for Windows. Number 16 on this list: http://download.cnet.com/windows/

It is downloaded tens of thousands of times a day, and with that many people downloading it, even a small portion who get confused and click the "IrfanView folder" option while installing into Program Files (on Vista), are going to end up with a messed up installation.

I think it is in everyone's best interest to prevent these people from getting into this situation, rather than having them start to flood this forum with questions like "why are my settings not saved? I updated the INI file, why didn't the changes didn't take effect? etc. etc." as Windows XP slowly gives way to Vista and Windows 7.

Virtual store was created to deal with legacy (i.e. no longer being developed) applications that no longer work with Vista's security model, not for "atypical users." Please also see this quote from the link in my very first post:

Microsoft has already warned that you should not depend on virtualization being a part of future Windows releases after Windows Vista.

Who knew it could become so difficult to install something? If people don't understand the options in an installer, why are they operating it (e.g. the 'car')? Either they should learn, or give someone else the 'wheel' to assist. If people need guidance, that is OK, and maybe there should be explanations of all the options. But, would people pay attention to them?

Forcing users to choose the AppData folder, would only force some users to have to go back and edit the redirect anyway. Plus, clean up the mess they made. So is there much difference?

When I referred to Virtual Store, I only meant as a backup in Vista. Virtualization may be discontinued, but it really won't matter. IMO it will help alleviate confusion.