Sunday, 3 February 2008

Windows Vista UAC and programs starting automatically

A little side note to yesterdays post. For some reason vista will promote a program to full admin rights if it starts automatically without requiring UAC authentication.

An example of this is Fonebook. When you start it manually and change the startup settings you have to click a button with a shield on it and then you get the UAC prompt, however if the program starts automatically then you still get the shield, but you don't get the UAC prompt.

I suspect this is to allow programs to start with admin privileges automatically without requesting the UAC prompt (Like virus scanners/Firewalls etc) but it strikes me as a little dangerous. I would have liked to have seen a special registry key which basically allowed things under it to start as admin but you have to give much more explicit permission before anything can be saved there.

Ross

No comments: