longzheng said:
AndyC said:
*snip*

I understand and accept the potential malicious capabilities of medium-level applications, however, that should not be a reason to allow them to do more damage as a high-level application.

longzheng said:
AndyC, are process privileges security boundaries?

I'm not entirely clear on what you mean. Are you talking about NT privileges, such as seDebugPrivilege? Or something else?

longzheng said:
I understand and accept the potential malicious capabilities of medium-level applications, however, that should not be a reason to allow them to do more damage as a high-level application.

I agree. Which is why I recommend avoiding describing the issue in terms of words like vulnerability, because it muddies the issue.