InstallAware

We would like our users to be able to install patches without requiring admin access whenever possible. Is there any way to examine a patch after you've created it to determine whether it requires admin access?

Administrator rights are often required to make the required changes to the system, for this you can use Elevated Privileges option. When an InstallAware setup runs, as long as the system administrator has set the "always install with elevated privileges policy", installations that require administrative rights will succeed. This makes sure your product always installs everywhere - even inside locked-down corporate environments where security is at a premium. Please check the link:

http://www.installaware.com/windows-ins ... ileges.htm

Thanks for letting me know about this setting. However, I can't understand why any security conscious admin would ever enable it. I'm not aware of anything that stops malware from being installed by an msi. This setting would appear to leave the user wide open to malicious Windows Installer packages.

You can simply test your patch inside a virtual machine without admin rights to see if your installation succeeds.

If your patch does not modify system files and such, you should not need admin rights at all.