How the integrity mechanism is implemented in Windows Vista
The Windows integrity mechanism is used in a number of ways in Windows Vista. Its main purpose is to restrict the access permissions of applications running under the same user account that are less trustworthy. The mechanism prevents less trustworthy code from modifying objects at a higher level. Most objects under the control of the Administrators group or System have a discretionary access control list (DACL) that typically grants full control permission to Administrators and to System, and read and execute permission to authenticated users. Examples of resources under control of the Administrators group and System are the Program Files directory for applications or the HKEY_LOCAL_MACHINE hive of the registry.
[ Read more ]