UAC for Application Developers
page 2 of 5
by James Bender
Average Rating: 
Views (Total / Last 10 Days): 25571/ 31

How UAC is implemented

When a non Administrator logs into Windows Vista, they are granted a standard user token. All work that user does in Vista is down under the privileges granted by that token. If a non Administrator with only a standard user token attempts to perform an action that required elevated privileges, Vista will prompt them to enter Administrator credentials (user name and password). If elevated privileges are granted, a new token with Administrative privileges is created for that process. When the process ends the token is destroy. Tokens can be passed from parent processes to child processes, but beyond that there is no sharing of tokens among processes.

When an Administrator logs into Windows Vista, two tokens are created: a standard user token and an Administrator token. As with a non-Administrative user, the Administrator will generally operate with their standard user token. When the Administrator attempts to perform an action that required Administrative privileges, UAC prompts the user to allow the action. If the Administrator consents, a copy of the user Administrative token is created. The process requiring the elevated uses that copy to perform its functions. Like the previous example, once the process is complete the token is destroyed. Also, like the previous example, a parent may pass the token to a child process, but no other sharing of tokens between processes is allowed.

View Entire Article

User Comments

No comments posted yet.

Product Spotlight
Product Spotlight 

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2023  |  Page Processed at 2023-12-10 11:48:54 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search