NSIS Guidance: Customer issues with various UAC scenarios with my installer and program

Question

I'm a game developer releasing a desktop MMO game for all varieties of Windows (WinXP, Vista, Win7, Win8 including X64 variants) that has a general audience that ranges from tech savvy to non-tech savvy.

The game requires the ability to update itself at any time on a regular basis which means it needs to be installed and configured on the customer's machine with appropriate UAC privileges so it can update any and all files that are installed including the executables themselves.

I have created an NSIS installer that is configured to run without admin privileges (RequestExecutionLevel user) and installs the game (by default) to $LOCALAPPDATA of the user so that that game does not require elevated privileges to execute. The executables I install for my game are built with a manifest that informs Windows it does not require elevated privileges (this is to avoid the ugly shield icon and admin prompt each and every time you try to play the game).

The original issue I have run into is as follows:

1. Customers are downloading the NSIS installer and then copying it to a privileged location and the installer silently fails to run without any prompt that it's not running since it runs without admin privilege.

As a temporary workaround, I've rebuilt the NSIS installer to run with admin privilege, but, that opens up to potentially another problem where the customer changes the default installation directory to a privileged directory and then the game itself will fail to execute. As a temporary workaround for THAT problem, I've disabled the ability to change the default installation location until I can come up with a complete solution.

An ideal solution that I can think of is a way to allow NSIS to run normally, detect if it needs admin privileges and prompt at that point and then disallow players from installing to elevated privileged locations. I'm not experienced enough with NSIS to know if that is all possible.

Any guidance would be extremely appreciated!

Answer 1

An executable, doesn't matter if it is an installer or a simple application, should be able run from a location that requires privileges to write in, like Program Files folder, even without elevation. The only moment when the executable would need those privileges is if it actually tries to write in that location, the case for your installer is if it would, for example, try to extract some temporary files required for the installation to be performed in the folder where it was copied.

Take for example one of the many applications from your machine that is installed in Program Files folder that does not require admin privileges to run, you just double click the shortcut and it opens.

Check to see if your installer, I am not familiar with NSIS architecture, uses a special extraction folder for temporary files used during the installation, and see if you can change it to a location that does not require admin privileges.

An ideal solution that I can think of is a way to allow NSIS to run normally, detect if it needs admin privileges and prompt at that point and then disallow players from installing to elevated privileged locations.

This is not possible not even with low level APIs from what I know, but what is most important is that you are not required to apply such a solution. If I am correct, the extraction folder should be the one causing you problems. Hopefully NSIS allows you to easily configure that and set it to the correct location.