Hi everyone, many modern programs, which are only intended to used as a non privileged user are nowadays already installed to AppData/Local. E.g. Visual Studio Code or Obsidian.
This would allow installing Anki without local admin privileges, which would first of all reduce the impact of a malicious install exe and secondly (and maybe more importantly) allow users to install Anki on machine, where they do not have local admin privilege (e.g. work computers). What do you think of this idea?
I’m assuming that the main argument for using c:\Program Files is that the app can be installed once and then used by multiple users, instead of each user having their own copy. That’s probably not too common in practice, so I would be happy to accept a PR that changes the default location. I believe users can already customize the install location, so if they’re being prompted for admin access before doing that or even after doing that, then there may be an another issue going on.
Thanks for the input. I think a flow like this should fix this:
start install.exe and you get those radio buttons:
install for all users (with UAC prompt): Program Files
install just for me: AppData
I will take a look when I find time. How is the flow here? Should I create an issue on GitHub? This was my initial idea anyways, but it said that stuff like this should be discussed here first
You can either follow up here or on a GitHub issue. Once you have it in a working state, please post a PR on GitHub.
The installer code is in qt/bundle/win/anki.template.nsi, and can be tested with .\ninja bundle after following all the other steps in docs/development.md, and confirming you can run a source build locally.
Do VS Code & Obsidian offer those options? Perhaps we’d be better off keeping things simple and just changing the default.
Something else that will need addressing is that the install location is written into HKEY_LOCAL_MACHINE, so that it can be reused & the old version removed when upgrading. I’m guessing that is what is prompting UAC access, and it will presumably need to be changed to HKEY_CURRENT_USER instead. But it would be nice if we fall back on the old key for lookup or check the old default location & display a warning, so users don’t accidentally install two different versions on their machine in different locations.