User Account Control, Digital Signing, and Manifests in LabVIEW Built Applications
Primary Software: LabVIEW Development Systems>>LabVIEW Professional Development SystemPrimary Software Version: 8.2
Primary Software Fixed Version: N/A
Secondary Software: N/A
Problem: I need to make my LabVIEW applications and installers compatible with Windows Vista. Is there anything specific I need to do?
Solution:
User Account Control
Windows Vista from Microsoft introduces additional levels of security, including User Account Control. By prompting the user to enter an administrative password prior to installing applications or completing other tasks, User Account Control helps prevent users from inadvertently introducing viruses or other types of changes that might destabilize the system. Additionally, a user who logs into Windows Vista as a standard user can write only to specific locations on disk. Standard user is the default login for Windows Vista. Refer to the KnowledgeBase for more information about User Account Control on Windows Vista.
The security changes introduced by Windows Vista result in the following two issues to consider when using the LabVIEW Application Builder for Windows Vista:
- LabVIEW embeds an application manifest in every LabVIEW built application and installer.
- Built applications and installers for LabVIEW built applications are not signed.
LabVIEW 8.2.1 is the first version of LabVIEW to officially support Windows Vista.
In addition to this KnowledgeBase topic, you can refer to the following KnowledgeBase topic for more information about developing applications for Windows Vista:
- KnowledgeBase— Contains links to several resources external to the National Instruments Web site, including Microsoft.
Application Manifests
LabVIEW 8.2.1 embeds an application manifest in every LabVIEW built application and installer. Because the manifest is embedded in the application, you must retrieve the manifest before it appears in the directory with the application. The manifest is an XML file with the extension
.manifest
. The manifest contains information that describes the application properties to Windows. While manifests are not new to Windows, the security section of the manifest is a new feature. You can now specify the requested execution level in the manifest for an application you deploy on Windows Vista.Specifying the execution level of the application determines the required security privileges you need to launch an application. The execution level of the application determines if the application displays a dialog box prompting the user to give administrator consent or to enter an administrator password before launching the application. Applications that require administrator privileges have a security shield overlay on the application icon. Whether the application runs as an administrator or standard user then determines several properties of the application, including the directories to which the application can write. If you launch an application as a standard user, the application cannot write to protected directories and registries. The
Program Files
directory is an example of a protected directory on Windows Vista.Microsoft recommends that applications run without requiring administrator privileges. Therefore you should design applications so they do not attempt to access protected areas of the operating system. Running without administrator privileges gives all users the opportunity to run the application as intended.
The following code is an example manifest for a LabVIEW built application.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0>
<assemblyIdentity version="1.0.0.0"
processorArchitecture="X86"
name="National Instruments.LabVIEW.LabVIEW
"
type="win32"/></assemblyIdentity>
<description>
LabVIEW Development System
</description>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="asInvoker"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
The requested execution level of a built application can be any of the following values:
- asInvoker—(Default) The built application executes with the same access privileges as the user, either standard or administrator. The application does not display a dialog box prompting the user for consent before it runs. If the application runs as standard user, the application cannot write to protected directories. If the application runs as administrator, the application can write to protected directories.
- highestAvailable—The built application executes with the highest access privileges possible. If the user has only standard user privileges, the application does not display a dialog box prompting the user for consent, but the application cannot write to protected directories. If the user has administrative privileges, the application displays a dialog box prompting the user to either consent or to enter the administrator password and can write to protected directories.
- requireAdministrator—The built application executes at the administrator level. If the user has only standard privileges, the application displays a dialog box prompting the user to enter the administrator password and can write to protected directories. If the user has administrator privileges, the application displays a dialog box prompting the user for consent before it runs. The application can write to protected directories.
If you develop a LabVIEW built application in LabVIEW 8.2.1 or later and deploy the application on Windows 2000/XP or earlier, a built application that includes a manifest and has the requested execution level specified does not exhibit the Windows Vista behavior. Windows 2000/XP ignores the security section of the manifest.
The setup.exe
in LabVIEW built installers also contains a manifest. The default requested execution level is requireAdministrator
. Because the setup.exe
updates system-level files, settings, and configurations, avoid changing the requested execution level of setup.exe
. Changing the requested execution level of setup.exe
might cause the installer to function incorrectly.
Note: Versions of LabVIEW prior to 8.2.1 also embed a manifest; however, the security section of the manifest is new to LabVIEW 8.2.1. The security section of the manifest is particularly important for applications you deploy to a Windows Vista system.
Refer to the KnowledgeBase for more information about application manifests.
Editing the Application Manifest
Microsoft highly recommends that the requested execution level of an application be asInvoker
. Therefore, asInvoker
is the default requested execution level for all LabVIEW 8.2.1 built applications. However, there might be occasions where you cannot adhere to this recommendation. Complete the following steps to edit the manifest.
- You must verify that you have installed
mt.exe
on the computer before you can edit the manifest. Use mt.exe
to interact with the manifest using command-line arguments. If mt.exe
is not on the computer, download the Software Development Kit from the Microsoft Web site. The Windows Software Development Kit for Windows Vista and .NET Framework 3.0 Runtime Components contains mt.exe
. Refer to the KnowledgeBase for information about downloading this SDK.
- To edit the manifest, you must first retrieve it. Complete the following steps to retrieve the manifest.
- Open the command line window.
Note On most Windows operating systems, you can access the command line window by selecting Start»Run, entering cmd
in the Open text box and clicking the OKbutton.
- Enter the following command to retrieve the manifest:
mt.exe -inputresource:
directory path
\
Application Name
.exe -out:Application Name
.manifest
in the command line window where directory path
is the path to the built application and Application Name
is the name of the application.
Note If mt.exe
is not in the same directory as the application whose manifest you want to retrieve, you must specify the path to mt.exe
in the previous command.
- Press the <Enter> key to run the command. The application manifest with the file extension
.manifest
appears in the same directory as the application.
- Complete the following steps to edit the manifest.
- Right-click the manifest in the destination folder and open the file in a text editor or an XML editor.
- Locate the code
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
. Change the value asInvoker
to requireAdministrator
or highestAvailable
depending on the execution level you want the built application to have.
- Save the manifest file.
Validating the Manifest
The tags within the manifest are case sensitive. It is good practice to validate the changes you make to the manifest after you edit it. However, validating the manifest does not find spelling errors. Complete the following steps to validate the manifest.
- In the command line window, enter the following command to validate the manifest:
mt.exe -manifest Application Name.manifest -validate_manifest
in the command line window whereApplication Name
is the name of the application.
- Press the <Enter> key to run the command.
Applying the Manifest
After you edit and validate the manifest, you must apply the changes. Complete the following steps to apply the manifest.
- In the command line window, enter the following command to apply the manifest:
mt.exe -manifest Application Name.manifest -outputresource:directory path\Application Name.exe;#1
in the command line window where directory path
is the path to the built application andApplication Name
is the name of the application.
- Press the <Enter> key to run the command.
Digital Signing
Digital signing lets users verify who created an application and decide whether the application is safe to install or run. Because Windows Vista offers additional levels of security, users might encounter additional dialog boxes warning them about the risks of installing or running unsigned applications. By default, LabVIEW does not sign built applications so you can customize the digital signature for an application. To reduce the amount of dialog boxes a user encounters, sign LabVIEW built applications and installers.
Note: You cannot sign applications or installers in versions of LabVIEW prior to 8.0.
You need the following tools to sign an application or installer:
- Signing certificate—You can purchase signing certificates from a number of vendors, including Verisign. You can purchase signing certificates only for companies or organizations. Individuals cannot purchase signing certificates.
- Signing tool—The Windows Driver Kit includes the signing tool. You use the signing tool to apply the digital signature. Refer to the KnowledgeBase for more information about downloading the Windows Driver Kit.
To sign a LabVIEW built application, you need to sign only the .exe
file. To sign a LabVIEW built installer, you need to sign only the setup.exe
. You do not need to sign any other files for LabVIEW built applications and installers. Digital signing involves procuring third-party providers for digital certificates, and no single procedure for signing code exists. Refer to the KnowledgeBase for more detailed information about digitally signing applications or installers for deployment on Windows Vista.
Examples
When you edit manifests and sign applications or installers, you must do so in the correct order to avoid overwriting the manifest or voiding the digital signature. You must always edit and apply the manifest before signing the application or installer. The following examples suggest the order you should follow for editing manifests and applying digital signatures.
LabVIEW Built Applications
- Build the application.
- Edit the application manifest, if necessary.
- Sign the application
.exe
file.
- Build the installer.
LabVIEW Built Installers
- Build the installer.
- Sign the
setup.exe
file.
Rebuilding a LabVIEW built application or a LabVIEW built installer results in setting the manifest back to the default settings. If you make changes in the manifest and then rebuild the application or installer, you must change the manifest again. Additionally, if you rebuild an application or installer that you signed, you must sign the application or installer again.
'via Blog this'
No comments:
Post a Comment