Most active commenters
  • StableAlkyne(5)

←back to thread

Can we talk about the rude installers not asking for installation locations?

47 points breezk0 | 16 comments | 31 Oct 25 14:16 UTC | HN request time: 0.209s | source | bottom

Title.

I think it is very rude to just install to any "default" directory and not asks the user where he wants it to be installed.

1. StableAlkyne ◴[31 Oct 25 14:49 UTC] No.45772574[source]
The most annoying instance of this is installers in Windows that just assume you want to go into `C:/Program Files`, which nowadays requires admin to be modified

This is very annoying on company machines where you may not have admin, since now there's red tape with your IT because the installer was poorly written.

Half the reason I use the WSL is because you at least get "root" on it, so permissions are never an issue

Edit: there may be something lost in translation. This post is in reference to software your IT already approves, which happens to only install to program files.

replies(4): >>45772603 #>>45772720 #>>45772764 #>>45772829 #
2. loloquwowndueo ◴[31 Oct 25 14:51 UTC] No.45772603[source]
There’s an argument to be made that this is by design/edict. The company does NOT want you installing random crap on their machines.
replies(2): >>45772779 #>>45773172 #
3. keyringlight ◴[31 Oct 25 15:00 UTC] No.45772720[source]
The other choice that some developers decide upon for 'convenience' is within appdata, so admin isn't as much of an issue if at all.
replies(1): >>45772802 #
4. criddell ◴[31 Oct 25 15:03 UTC] No.45772764[source]
Assuming C:/Program Files is a bug and you should notify the developers.

The installer should ask the user if they are installing for just themselves or for everybody on the machine.

If it's the former, the installation is typically somewhere under %HOMEPATH% (probably in %LOCALAPPDATA%), the latter will put it in %ProgramFiles%.

5. kemotep ◴[31 Oct 25 15:04 UTC] No.45772779[source]
In a Windows environment this can be managed with AppLocker, or an endpoint management solution, or 3rd-Party tool like Threatlocker.

It becomes less about controlling the users and more about stopping any bad guy dead in their tracks. If nothing but what has been implicitly authorized can execute, then 99% of ransomware attacks will be stopped immediately even after the user clicks the link.

Your company software procurement process shouldn’t be so onerous that people turn to Shadow IT. You have to work with people where they are.

6. bell-cot ◴[31 Oct 25 15:05 UTC] No.45772802[source]
On Windows, I'd classify the "where all has this thing put my data?" problem as worse than the "just assume C:/Program Files" installers.
7. RamRodification ◴[31 Oct 25 15:07 UTC] No.45772829[source]
> This is very annoying

It's a feature. You shouldn't be installing software on your work computer. Your IT department should be vetting it, deploying it, and keeping it up-to date for you.

Maybe you can tell the difference between report.pdf and report.exe, but too many people can't, so unfortunately we can't let everyone install anything.

replies(2): >>45773094 #>>45773668 #
8. StableAlkyne ◴[31 Oct 25 15:24 UTC] No.45773094[source]
> Your IT department should be vetting it, deploying it, and keeping it up-to date for you.

There are not enough IT staff at my organization to do this. They have an approved list of software that may be installed. Some common installations are automated, others are niche-enough that it's DIY.

We don't live in a perfect world where the IT staffing ratio is 1:20 (or whatever arbitrary number you would consider "good"), so this is how my organization does it.

> unfortunately we can't let everyone install anything.

Who is this "we?"

replies(1): >>45774169 #
9. StableAlkyne ◴[31 Oct 25 15:29 UTC] No.45773172[source]
No, that's the default behavior in Windows. If you install to, say, app data it's fine. If you install to program files, you need admin because it is a protected folder.

> The company does NOT want you installing random crap on their machines.

Why do you immediately jump to the conclusion that the post is about installing "random crap?"

replies(2): >>45773809 #>>45774179 #
10. JohnFen ◴[31 Oct 25 16:07 UTC] No.45773668[source]
> You shouldn't be installing software on your work computer. Your IT department should be vetting it, deploying it, and keeping it up-to date for you.

If I actually had to depend on IT to do all that, it would take forever to get anything done.

11. ◴[31 Oct 25 16:22 UTC] No.45773809{3}[source]
12. IAmBroom ◴[31 Oct 25 16:58 UTC] No.45774169{3}[source]
"We" are the large-enough companies to have full IT departments. (I hate this practice, but it is necessary.)

"Your" IT department should consider giving you your own admin account. But it's their call.

replies(1): >>45775716 #
13. IAmBroom ◴[31 Oct 25 16:59 UTC] No.45774179{3}[source]
If it's not approved by IT in advance, by definition it is random, and quite possibly crap.
replies(1): >>45775648 #
14. StableAlkyne ◴[31 Oct 25 19:16 UTC] No.45775648{4}[source]
Where did I write that it was not approved in advance...?

The post is about requiring admin to install to Program Files. Even if it is an approved piece of software, you're still going to need admin to install it.

replies(1): >>45785957 #
15. StableAlkyne ◴[31 Oct 25 19:23 UTC] No.45775716{4}[source]
> Your" IT department should consider giving you your own admin account. But it's their call.

Seems like a bit of an extreme solution for one-off installations that are rare enough to not be worth bothering to automate.

Good example of this is scientific software like Gaussian (a "common" quantum mechanics package): needs admin, expensive and strict license that gets audited. It's approved, but we have a single digit number of people using it. It's just not worth the time to automate a script around an install that only happens once every year or so on average, when they can just temporarily elevate the user.

16. ◴[01 Nov 25 22:20 UTC] No.45785957{5}[source]