Tutorial Thursday

Many of us are aware that Windows Vista has a feature called User Account Control (UAC). This prevents programs from making changes to the registry or doing anything malicious to your computer without you granting the software administrative rights. Windows XP has a similar feature but it kinda works backwards. Most people who are using XP are an administrator and full access to the PC is granted to nearly all programs that you run, but you can always force certain programs to run underprivileged.

What effects does so have on the program that you are running as “underprivileged?” Here is what a MSDN blog says:

  • Group membership: If you were logged in as a member of Administrators, Power Users, or certain powerful domain groups, the app runs without the benefit of those group memberships.
  • Registry: The app has read-only access to the registry, including HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE. The app has no access to HKCU\Software\Policies.
  • File system (assuming NTFS): The app cannot access the user’s profile directory at all. That includes â€