Inside: SereneScreen Fan Forum (https://www.feldoncentral.com/forums/index.php)
-   Marine Aquarium 3 for Windows (https://www.feldoncentral.com/forums/forumdisplay.php?f=46)
-   -   Security issue (https://www.feldoncentral.com/forums/showthread.php?t=4714)

Jim Sachs 01-19-2009 04:05 PM

OK, the problem must be farther up the chain, then. I was basing my diagnosis on the statement "Closing the browser will resume the screensaver."

According to Dale, that statement is not true, and MA3 really does not resume. There's a section of code I added a couple of months ago in answer to Vista users complaining about all the black-screen flashes as the program is shutting down. My solution was to switch to a window just an instant before exiting. That may be causing problems with the password system in Vista.

rps 01-19-2009 04:19 PM

Quote:

Originally Posted by Jim Sachs (Post 109398)
OK, the problem must be farther up the chain, then. I was basing my diagnosis on the statement "Closing the browser will resume the screensaver."

According to Dale, that statement is not true, and MA3 really does not resume. There's a section of code I added a couple of months ago in answer to Vista users complaining about all the black-screen flashes as the program is shutting down. My solution was to switch to a window just an instant before exiting. That may be causing problems with the password system in Vista.

Actually, I don't think that's the problem at all. This is one heck of a security hole, and to be fair, I think it's as much Microsoft's problem as Jim's. Here's what's happening (as far as I can tell):

When the screensaver is launched with "Display logon screen" checked, Vista launches the program in its own "space" (a secure desktop). The logon prompt won't appear until *all* processes in the secure desktop have closed. On my Vista machine, I clicked the website button; then I "requested" c:\windows\system32\cmd.exe, which I was able to save and then run. From my newly opened command window, I was able to launch several other Windows applications. I didn't get the logon prompt until every last one of them was closed down.

This link may help explain it a little better:

http://www.eggheadcafe.com/forumarch...st25116607.asp

By comparison, Windows XP closes the secure desktop as soon as the screen saver terminates, and kills any child processes immediately. Clicking on the website button on my XP machine terminates the screensaver and gives me the logon prompt, but once I've logged in, I never get my browser with the website. (Lost, I believe, in the now dead secure desktop.)

I think the solution for Jim is to hide the website button if the screen saver is running in the secure space. It just shouldn't be allowed when it's running from a "locked" screen saver. (I believe that you can detect this by using the WinAPI function OpenInputDesktop. If OpenInputDesktop fails with the last error of "Access is Denied" (error code 5), then you are in secured mode.)

Hope this helps!

~Ralph S.
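
The check suggested in the post above, sketched as an added example (not code from this thread or from Marine Aquarium). The function names are hypothetical, and two things go beyond the post and are assumptions: comparing the input desktop's name against "Default", and hiding the button on any unexpected failure rather than only on error 5.

```c
#include <stddef.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Numeric value of Win32 ERROR_ACCESS_DENIED, the "error code 5" from the post. */
#define ACCESS_DENIED_CODE 5UL

typedef enum { DESKTOP_NORMAL, DESKTOP_SECURED, DESKTOP_UNKNOWN } desktop_state;

/* Hypothetical helper: interpret the outcome of OpenInputDesktop.
 * opened     - nonzero if a handle was returned
 * last_error - GetLastError() value when it was not
 * name       - input desktop name when it was, or NULL if the query failed */
desktop_state classify_input_desktop(int opened, unsigned long last_error,
                                     const char *name)
{
    if (!opened)
        return last_error == ACCESS_DENIED_CODE ? DESKTOP_SECURED
                                                : DESKTOP_UNKNOWN;
    if (name == NULL)
        return DESKTOP_UNKNOWN;
    /* Assumption: the interactive user desktop is named "Default". */
    return strcmp(name, "Default") == 0 ? DESKTOP_NORMAL : DESKTOP_SECURED;
}

/* Fail closed: only a positively identified normal desktop gets the button. */
int may_show_website_button(desktop_state s)
{
    return s == DESKTOP_NORMAL;
}

#ifdef _WIN32
/* Windows-only probe feeding the classifier above. */
desktop_state probe_input_desktop(void)
{
    char name[64] = "";
    DWORD needed = 0;
    HDESK h = OpenInputDesktop(0, FALSE, DESKTOP_READOBJECTS);
    if (h == NULL)
        return classify_input_desktop(0, GetLastError(), NULL);
    BOOL ok = GetUserObjectInformationA(h, UOI_NAME, name, sizeof name, &needed);
    CloseDesktop(h);
    return classify_input_desktop(1, 0, ok ? name : NULL);
}
#endif
```

A screensaver would call `may_show_website_button(probe_input_desktop())` once at startup and skip creating the button, and any other path that launches an external program, when it returns 0.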

Edgar 01-19-2009 04:54 PM

I have duplicated the problem and am looking for a good solution.
I will let Jim know as soon as I have a good solution. Thanks for all the info. That helped narrow it down.

feldon34 01-19-2009 05:14 PM

It really seems a shame that it falls to Jim to work around all these bugs and design flaws in Vista.

Jim Sachs 01-19-2009 06:00 PM

Thanks, Ralph - that may help.

Dale 01-19-2009 08:26 PM

rps, there's a "downside" to the suggested solution of hiding the website button (under the circumstances).

Some people may believe that MA is only a screensaver, and will therefore (without some complicated instructions) NOT be able to get to the website button.

That's relevant to the update issue.

rps 01-20-2009 10:24 AM

Quote:

Originally Posted by Dale (Post 109410)
rps, there's a "downside" to the suggested solution of hiding the website button (under the circumstances).

Some people may believe that MA is only a screensaver, and will therefore (without some complicated instructions) NOT be able to get to the website button.

That's relevant to the update issue.

Yeah, I thought of that; but the fact is, if the user has configured their system to require a password once the screensaver has kicked in, then [interactive] access to the web is pretty much a non-starter. The way to handle access to the web is to have the MA3 install program add a shortcut to the start menu that takes the user to the website.

Also, I disagree with your assertion that people who think MA is only a screensaver will not be able to get to the website - the website button *would* be available through the screensaver settings dialog.

~Ralph S.

Dale 01-20-2009 11:07 AM

Good discussion points, with advantages and disadvantages. Jim (and perhaps others) will have to sort out the technical underpinnings, benefits, and drawbacks.

And we haven't seen the "MA3 install program" concept yet.

In this case, I'm hoping that a way exists to get the software to work the way it should in Vista (the same as it does in XP). Having different external behavior depending on the OS isn't a good thing if it can be avoided.

Shinsa 01-21-2009 09:10 AM

Vista 64 also allows bypass from the website button.

The really bad part isn't the internet access, as it is being able to type in "c:\" at that prompt! I haven't looked at everything I can do from there, but I was able to browse to my desktop, and open web-friendly files (.TXT, .PDF, etc.).

I'm wondering if there are other screen savers that allow this?

Shinsa 01-21-2009 09:46 AM

MAT 2.6 does this as well.

I did verify that you cannot browse to other users' files. Only the user account that had the SS start.

Jim Sachs 01-21-2009 09:52 AM

And Beta8e still does this?

Dale 01-21-2009 11:10 AM

Quote:

Originally Posted by Jim Sachs (Post 109458)
And Beta8e still does this?

Well, the behavior is somewhat different. Vista Ultimate 32-bit.

Clicking on the Website button, I get a blank desktop and a dialog box that says "There is no file extension in "C:\Program". - with the usual "OK" button to click.

Clicking on that, I get the Password (Vista locked) screen.

So, the security problem seems to be fixed. Now, Edgar needs to get rid of the extraneous dialog box (unless we're doing this for humor).

;)

cjmaddy 01-21-2009 11:29 AM

Has nobody bothered to read Item 4, in my post?
Quote:

4, When I click the 'Website' button, MA3 closes down and I get a 'Windows Script Host' box which states the meaningless error message: - 'There is no file extension in "D:\Program". [OK]'

Are we wasting our time?

Edgar 01-21-2009 11:39 AM

This is still a bug. Hopefully will be fixed in the next build.

Jim Sachs 01-21-2009 12:00 PM

Try Beta 8f: http://www.fish-byte.com/MA3Beta.zip

Dale 01-21-2009 12:24 PM

Quote:

Originally Posted by cjmaddy (Post 109467)
Has nobody bothered to read Item 4, in my post?

Are we wasting our time?

I read that post (which was not in this thread), and I was confirming it in this thread. Sorry if that gave offense.

I'm sure the bug will be fixed (or maybe already has been fixed in 8f, which I don't immediately have time to confirm).

cjmaddy 01-21-2009 12:54 PM

Dale, - no offence taken. - My comment was not intended to appear to be directed at you.

Dale 01-21-2009 01:34 PM

Just downloaded 8f. [Note: the .scr file in the .zip has a timestamp earlier than 8e]

Verified that the screen does say Beta8f.

Clicking on the website button now says "Can not find script file "C:\Program Files\SereneScreen\Marine Aquarium 2.6\openserenescreen.js".

Clicking OK then brings up password box.

feldon34 01-21-2009 02:20 PM

Don't be surprised if bug reports in that "READ ME" thread get lost in the shuffle. The thread was never designed for bug reports.

Edgar 01-21-2009 02:36 PM

Dale,
Do you have UAC enabled?
I am curious if it is failing to write a file in the MA26 folder.

