"You can not drop a file from a Medium Integrity process (Explorer) onto a High integrity process (elevated Notepad). This is actually the problem a lot of developers face with Visual Studio at the moment. If they need to start an instance of Visual Studio as Admin so they can debug processes that they didn’t start, they can not then go and drag and drop project or solution files from Explorer to Visual Studio to open them like they could before."
I pulled this quote out of a recent post to the ausdotnet mailing list from Rocky H.
"CMD is the special-case here w.r.t. [with respect to] input injection from MEDIUM. This is a known hole once you’ve launched an elevated CMD – it’s actually one of the reasons that we knew UAC wouldn’t be a security boundary in Vista (which was unfortunately mis-marketed early on and caused all of the ignorant statements in the press, and various blogs). The short description is that all CMD windows are ultimately owned and managed by CSRSS, to the point that they all share the same input queue (regardless of the IL of the CMD window). This is going to be fixed in Windows V.Next."
Also interesting stuff.
UAC is a hot topic but I still stand by my original comments which state that what UAC really enforces is, in effect, MS logo certification requirements for application design. In other words: most vendors shouldn’t have a problem if their application was designed right.. We (as an industry) support way too many legacy applications designed for Windows 98 (etc) IMHO.
Have any thoughts on UAC? Post ‘em….