Does anyone have experience managing Windows machines and installations with low integrity permissions on some files? In particular, is an installer that attempts to mark files as low-integrity likely to create trouble for an installation?
I've been investigating a way to make Racket documentation work in local mode with IE. I don't want this attempt to backfire by making the Racket Windows installer more fragile overall. The problem is that, in its default configuration, IE refuses to run JavaScript local files, which means that the Racket documentation search page doesn't work. Some IE users get a panel with an "Allow Blocked Content" button that has to be clicked every time, but some users apparently don't even get that manual override. Adding a mark of the web (MOTW) to the local HTML files doesn't work well for reasons that Eli has explained: http://lists.racket-lang.org/users/archive/2008-June/025436.html Another strategy is to make the "doc" directory and content as low-integrity by setting file permissions. IE is willing to run JavaScript within low-integrity content. In that case, IE will also restrict filesystem access to only other low-integrity content --- which is fine, as long as all the documentation content is marked as low-integrity. Setting file and directory permissions, instead of modifying HTML files, addresses the problems that Eli encountered with an HTML-comment MOTW. More concretely, the installer, `raco setup`, and `raco pkg install` would run the equivalent of icacls <dir> /T /setintegritylevel L When installing Racket or building new documentation in installation scope, <dir> would be "doc" in the Racket installation's directory. When installing a package in user scope, <dir> would be a user- or collection-specific directory. ____________________ Racket Users list: http://lists.racket-lang.org/users
