User`s guide
Configuring Permissions 8
You can modify parameters for security tasks that define user access to packages and change Data Execution
Prevention (DEP) protection.
Permissions parameters are generally specified under the [build options] section.
This chapter includes the following topics:
n
“AccessDeniedMsg Parameter,” on page 29
n
“AddPageExecutePermission Parameter,” on page 29
n
“PermittedGroups Parameter,” on page 30
n
“UACRequestedPrivilegesLevel Parameter,” on page 31
n
“UACRequestedPrivilegesUIAccess Parameter,” on page 31
AccessDeniedMsg Parameter
The AccessDeniedMsg parameter contains an error message to display to users who do not have permission to
run a package.
ThinApp sets an default message that notifies the user to contact the administrator.
Example: Adding a Contact Number
You can modify the AccessDeniedMsg parameter to add a technical support number.
[BuildOptions]
PermittedGroups=Administrator;OfficeUsers
AccessDeniedMsg=You do not have permission to execute this application, please call support
@1-800-822-2992
AddPageExecutePermission Parameter
The AddPageExecutePermission parameter supports applications that do not work in a DEP environment.
The DEP feature of Windows XP SP2, Windows Server 2003, and later operating system versions protects
against some security exploits that occur with buffer overflow.
This feature creates compatibility issues. Windows turns off the feature by default on Windows XP SP2, and
you use a machine-specific opt-in or opt-out list to specify to which of the applications to apply DEP protection.
Opt-in and opt-out policies can be difficult to manage when a large number of machines and applications are
involved.
VMware, Inc.
29