Coffeehouse Post

Single Post Permalink

View Thread: UAC controversy - the last episode!
  • User profile image
    AndyC

    longzheng said:
    AndyC said:
    *snip*

    I understand and accept the potential malicious capabilities of medium-level applications, however, that should not be a reason to allow them to do more damage as a high-level application.

    longzheng said:
    AndyC, are process privileges security boundaries?

    I'm not entirely clear on what you mean. Are you talking about NT privileges, such as seDebugPrivilege? Or something else?

    longzheng said:
    I understand and accept the potential malicious capabilities of medium-level applications, however, that should not be a reason to allow them to do more damage as a high-level application.

    I agree. Which is why I recommend avoiding describing the issue in terms of words like vulnerability, because it muddies the issue.