From: "Mark Miesfeld"
Subject: Some snapshots of Vista
Date: Sun, 22 Apr 2007 21:24:35 -0700
I attached a zip file of several snapshots I took on one of my Vista
systems. I thought I would have time to write up a more detailed
explanation, but I am going to just send them to you. <grin>
The snapshots are taken of Process Explorer by Sysinternals (procexp.exe.)
Some things to take note of: I have 3 users logged in at the same time and
used Fast User Switching to move between the 3. In Vista, the fast user
switching seems very solid to me and I like it better than I have
There is a "standard user:" cienna, a user in the administrator group:
miesfeld, and the restored full-blown Administrator.
Note the Integrity Level of processes in procexp and the User Name.
There are two sets of snapshots. A ProcExp set and a ProcExp-service set.
The ProcExp set was taken with RxAPI installed not as a service and the
other set with RxAPI installed as a service. (It was when I made this
second set of snapshots that I realized that a separate process was being
started for the cienna and miesfeld users.)
In the service installed set, there is a rxapi process running at the
"System" level. This is the highest. The Administrator processes are then
running at the "High" system integrity level.
Note that the cienna user has all her processes running at the "Medium"
level. Also note that the procexp opened from her account can not display
most of the information and has "access denied." This is because the medium
integrity level does not give her the privilege level required to gain
access to the system information.
Note also the miesfeld user, who is in the administrator group, has most of
his processes also running at the medium level. This is because users in
the administrator group will normally run at the same integrity level as a
standard user. One difference is that when the elevated privileges dialog
comes up, a standard user will have to enter a password, while an user in
the administrator group will only have to click the confirm button.
However, also note this about the miesfeld user. He has one cmd.exe process
that is running at the High level. That is because I started one command
prompt console by using "run as administrator." Notice that the rexx.exe
and its subprocess procexp are also running at the High level. In contrast,
the rexx.exe and procexp subprocess for the cienna user are running at
Finally, all three users have started 2 different ooRexx programs and left
them running. One is the sysinfo sample from samples\ole\wmi\sysinfo and
the other is a simple test program that starts up notepad and procexp,
waiting for procexp to return. Notice that cienna's notepad is running at
the medium level while the other 2 are running at the high level. That
comes from the level of the rexx.exe process that started them.
Hope that satisfies your curiosity a little.
I thought I would not use Vista, mostly because of the security changes.
But, I found out that I like it quite a bit and will be installing it for my
primary system. For me, I will just restore the full-blown Administrator
account and run under that.
But even if I didn't do that, it still would be okay for what I do. On my
Windows system the first thing I do is set up two command prompt console
windows, a left and a right. They open up when I log on and stay open the
entire time. 95% of what I do, I do from the command prompt. On Vista, I
would just use the advanced setting to set those windows to open with
elevated privileges. Then, 95% of what I do works just fine. <grin.>