Sunday, July 30, 2006

Consent/Credential Prompt

The UAC elevation prompts are also customized based on the type of executable that is requesting elevation. The diagram above illustrates the different UAC prompts that are displayed based on the type and state of the requesting executable. This behavior is the default for Windows Vista and is not configurable, with one exception-- the ability to configure blocked applications with Group Policy and to block applications that are not signed and validated.

You can control what kind of user input that the prompt requires by configuring a new security policy setting introduced in Windows Vista. The setting is located in the Security Policy Manager Microsoft Management Console (MMC) snap-in under the path: Local Security Settings->Local Policies->Security Options.

Privilege Specification Model

UAC extends the access token system already in use for managing Windows logons with a new access token mechanism that supplies each administrator logon with two security access tokens: a UAC access token and a full administrator access token. The default access token is a standard user access token.

The default access token that is used to launch the desktop, the explorer.exe process, is a standard user access token, and any child processes of explorer.exe will inherit this standard user access token.

UAC Technologies

User Account Control (UAC) is a new security component of the Microsoft® Windows Vista operating system. UAC will be one of the first technologies you will likely encounter in Windows Vista. User Account Control is a collection of technologies in Windows Vista that enables users to run as standard users, with low privilege, while still being able to perform common tasks and enjoy high application compatibility. UAC technologies include:
  • Privilege Specification Model
  • Consent/Credential Prompt
  • Application Information Service (AIS)
  • Installer Detection
  • Data Virtualization
  • ActiveX Installer Service
  • And more ...