General discussion


I fail to see what is controversial

By Justin James Contributor ·
I fail to see why anyone would have a problem with this. Every secure OS does this; it is just that Windows users have gotten downright spoiled by having the admin privs by default. When I am using a UNIX system, I expect to not be able to do too much outside of my home directory and running most applications. I know that I will have to su to root or use sudo to do any kind of systems administration. On a Windows server, I expect to not be able to even login from the console, except as a member of the Administrators group.

Will UAP be a pain in the butt? Sure. Like any security-related "ask the user if this is OK," I think it is a total cop-out. Joe Six Pack clicks "yes" to any and every "Yes/No" dialog he sees, that is a documented fact. But now that it is there, users can begin to be educated about making sure that they click "no" to those boxes unless they caused it to happen (installing software, deleting a shortcut from "all users") and if they see it just spring up, to watch out.

Desktop applications that require to be running as admin are written by lazy programmers. The Windows API makes it stupid simple to not need to escalate to admin. Personally, I would love to see Windows run each application in its own copy of the Windows equivalent to a chroot jail, keep it there, and not give it access to squat.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums