For many organisations, reducing the number of people with administrative rights, and the number of occasions on which those rights are used, is a huge challenge. The authors of the majority of software seem to assume that the user will be logged on with the same rights as they have: administrator. Getting developers to code in a non-privileged environment for the majority of the time helps them produce software which can run with normal user privilege. For some time we have used the term Limited User Access (LUA), as epitomised by Aaron Margosis’s Blog, which provides practical advice on how to make applications work better whilst running with non-administrator rights.
Just for a change, we have introduced a new term with a new operating system. Windows Vista implements a brand new privilege architecture to support the goals of LUA, called User Account Protection (UAP). UAP enables rights to be used just for the tasks that need them, rather than all of the time, even if logged in as an administrative user. When a user wishes to make a configuration change, they will be prompted to enter the credentials of an administrative user; afterwards the user will continue as before with normal privilege. UAP must be manually enabled at Beta 1 of Windows Vista.
A summary of UAP is provided here. This is a good link for those of you who are also interested in the development aspects of Windows Vista, as it explains WinFX (the next generation of the .NET Framework), Windows Communication Foundation (formerly known as “Indigo”) and Windows Presentation Foundation (formerly known as “Avalon”).
A more technical overview is provided in the security white paper that I linked to a couple of days ago which you can access here.
The developers of Windows Vista have also realised that a user shouldn’t require administrative rights simply to change the system clock!