Running as Limited User and Having temporary admin priveledges

Here’s a nice article by Aaron Margosis about a “tool” he has created to temporarily allow you to have admin rights.

Go have a read of the blog for more details.

This is a good tool to help us move away from always being logged in under the administrators’ account.

You can think of it like in Linux you would login user a limited/restricted account and when you need to install things you would just open up the terminal window and type “su” to get “super user” (aka Admin) access to start admin level processes.

In my personal opinion, it is a good move. However, we need to start making sure our software will run with as little priveledges as necessary in order to encourage this move away from being always logged in as the administrator.

I think for Longhorn, this is perhaps something that they should really encourage users to do.

I know having installed Linux on my home machine that it will actively encourage you to firstly setup the admin account during the install process and then ask that you create a normal non-admin account.

I’m sure it is something that has been raised previously. I have seen this topic raised in several notable MS blogs. Should be interesting what security measures do end up in Longhorn, I’m sure what has already been implemented in XPSP2 will be extended upon. (Eg: Security Center, Data Execution Prevention and so on.)