make NVDA updatable without administrative rights (same behaveour as Mozilla applications)

[gregjozk]

I use NVDA also in corporate environment and always when a new version of NVDA becomes available, I must contact our IT department "helpdesk" when I wanted to update NVDA.

I would not have suggested this if I have not observed, that some programs like Mozilla applications do not need administrative rights to update themselves.

Expected behavior:

NVDA can be (self)updated without entering an administrative credentials.

Actual behavior:

When NVDA updates itself, you must enter an administrative credentials.

System configuration:

NVDA version:
2017.2 and next snapshots

NVDA Installed or portable:
installed

Other information:

Windows version:
w10 1703 with latest updates installed

thx for your good work.

[LeonarddeR]

Although I understand your suggestion, I don't think this should be done.

1. Mozilla and other auto updaters require a separate service running in the background, which is a bit aggressive IMO. It shouldn't be the default at all.
2. Usually, system administrators lock down administrative privileges because they want control over what is updated and what not. It is very unlikely that an auto updater for NVDA would be allowed in a corporate environment.

[gregjozk]

Hi,

I understand this. there are security reasons and other policies. so it was only a suggestion if it is possible to do. may be a check box can be implemented where a user would choose if he or she wants to use a background service for updating NVDA.

[fernando-jose-silva]

I would just like to reinforce my interest also in this functionality.
I also use nvda in a corporate environment and it is necessary every time to request the administrator right for a short time to be able to do the nvda update.
This also prevents the use of nvda next or master, as they have much more frequent updates.
Finally I should point out that I often need to contact support because the antivirus used in my organization symantec assumes that nvda is a threat and deletes the executable from nvda and it is necessary to request the famous administrator rights to be able to reinstall Or nvda.

[LeonarddeR]

@fernando-jose-silva commented on 28 jul. 2017 22:25 CEST:

I also use nvda in a corporate environment and it is necessary every time to request the administrator right for a short time to be able to do the nvda update.

Still, do you think your administrators would allow you to have auto updating enabled for NVDA? They usually want you to ask for administrative privileges for a reason.

This also prevents the use of nvda next or master, as they have much more frequent updates.

I don't think next or master should be used in protected corporate environments anyway. There is something to say for master, but Next would be a no go. Imagine a broken next build and you would be further from home.

Finally I should point out that I often need to contact support because the antivirus used in my organization symantec assumes that nvda is a threat and deletes the executable from nvda and it is necessary to request the famous administrator rights to be able to reinstall Or nvda.

I assume administrators could also whitelist NVDA? Still, I think this should not happen and this might be worth opening a separate issue. @jcsteh, thoughts about this?

[jcsteh]

I don't think the use cases provided here (corporate environments) are valid, since administrators would normally disable such functionality due to wanting additional control over what gets installed. This is probably more relevant for home users so that updates just happen transparently for them, thus encouraging immediate install of updates. So, I think this is a valid feature, though possibly not for the original use case. However, it's very low priority, especially as it's hard to get this right (security would need to be considered very carefully) and I think there are bigger wins that should be considered first (applying most of the update before the restart).