« Notes on the AIR File Format | Main | Why AIR Doesn't Ask for Permission »

AIR's Unrestricted System Access Warning

If you've ever installed an Adobe AIR-based application--you have installed one, right?--then you've probably noticed the installation screen warning that the application you're installing will have unrestricted system access. I'm frequently asked by developers how they can get rid of this warning, lest it scare off some of their customers. The short answer: you can't.

When we developed the installation screens for AIR, one of our major goals was to make sure they were informative. Installing an application on your machine is a big deal. You're trusting code that someone else wrote to not steal or destroy your information. If you're going to do this, you ought to be well-informed regarding what you're installing and what risk you're taking.

The "unrestricted system access" warning is there to make sure you know that, once you install this application, you're trusting it to behave. No one else is going to keep an eye on it for you.

Some future release of AIR might offer to perform this function for you--that is, restrict the system access of certain applications. With that capability, you might make different decisions about which applications to install. But that's all theoretical for now. Right now, all application are unrestricted. Even if they don't need to, say, access the filesystem, they still can. So that warning shows up every time.

How do you know, then, which applications to trust? I recommend making that decision based on the publisher's identity--the other major piece of information on that first installations screen.

Posted by Oliver Goldman on May 11, 2008 07:57 PM |

Comments

The only criticism on the internet regarding Air is security and that Air can access the file system.

Why not display the warning you are talking about before each time the application ask to access the file system (and what folder or file in the file system). Of course you could offer an option to ask to never display this warning again.

Actually everything works like that, windows firewall, anti-viruses, user trust this sort of warning.

Users must trust Air ! :)

Posted by: Tek | May 12, 2008 01:35 AM

This Unrestricted Access thing is pretty scary as an end user. Don't think it's good enough for you to say Trust Us.

Posted by: Michael Quinn | May 13, 2008 01:39 AM

@Tek - They key thing to remember here - is that AIR applications are desktop applications. The examples you gave are for utilities as opposed to functional applications.

I don't believe any user would be satisfied if Microsoft Word prompted them everytime the application attempted to access the file system.

I think that the install dialog might need to be tweaked in some way, but I do not believe that there should be some kind of dialog before accessing system resources.

Posted by: David Tucker | May 20, 2008 04:21 PM

Dialogs are a terrible idea. I hope things never go that way.

I do think that the warning doesn't need to appear in the installer however if the app isn't going to have filesystem access for example. The compiler knows which packages are being included in the application, so surely it could adjust the warning to suit.

Posted by: Tony Fendall | May 25, 2008 08:01 PM

I'm in this situation right now. I purchased a Thawte cert and expected the Warning sign to go from red to green. Instead, it's yellow. It's fine if you want to warn the user about unrestricted file access. But if the publisher has a cert, the icon should be green. This would tell the user that installing this program could be harmful, but the publisher is trusted. That's my only beef.

Posted by: Tom Esposito | July 1, 2008 01:33 PM

I think the main problem with this is that "system access" isn't very well defined. As an admin, I take it to mean the worst. Root access for instance.

From an interface perspective it's not very appealing to the enduser. The red circle with a cross through it means something is wrong; don't proceed. A happy medium would be to just make it green like the "publisher identity" checkmark with "STANDARD" or something of that sort, and a description of the access it has.

I appreciate your security concern. I just think it could be handled in a different manner that wouldn't be so off-putting.

Imagine going to kiss a girl (for instance), and she has a sticker next to mouth that says "contains bacteria". Not appealing.

Posted by: chris rosa | July 25, 2008 07:05 PM

I echo the sentiments of Tony above. I spent $300 on a Thawte "identity" cert for our application and I could have just saved the money.

Every application installed on a computer has access to the file system. It is ridiculous for us to be required to have an identity cert and then punish us for using YOUR product.

Posted by: Mike Johnston | August 26, 2008 03:46 PM

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)