HEADS UP: Windows Vista users

Simon Marlow simonmarhaskell at gmail.com
Thu Apr 12 04:41:29 EDT 2007

I've discovered a gotcha that happens when trying to use Cabal on Windows Vista. 
  If you compile Setup.lhs to a binary (as I often do), with something like 'ghc 
--make Setup', and then try to run it, you'll get something like this:

   $ ./Setup configure
   Setup.exe: Permission denied

This is due to a highly dubious security "feature" in Vista whereby it detects 
that you might be trying to run an installer-type program and refuses to execute 
the binary without elevated permissions.  The idea is that ordinary users won't 
be confused when their installer fails partway through due to insufficient 
permissions.  Unfortunately this works by matching on the name of the 
binary(!!!!), so names like "setup", "install" etc. are affected (there isn't a 
complete list, apparently).

Other casualties are:

  * cabal-setup (compiles Setup.hs to setup.exe)
  * The GHC build system, which now uses Cabal
  * 'make install', which runs /usr/bin/install.exe

More details in this MSDN thread:


and this Cygwin thread:


Fortunately you can turn off the behaviour: Start->Run->secpol.msc, then 
Security Settings -> Local Policies -> Security Options ! UAC: Detect 
application installations and prompt for elevation.  It appears you need to 
reboot for the change to take effect.

The right workaround is to add a manifest to the binary asking for no security 
elevation, apparently this is quite easy.  We'll need to get GHC to do this for 
every binary it generates in the future.

For now, I'll put a note in the building guide and FAQ, and make a ticket for 
GHC 6.6.2 to do the manifest thing.


More information about the cabal-devel mailing list