|
Imagine an app running with admin though or elevated, and it checks permission to write its data in c:\windows\system32. If it fails access check then it writes to the user profile folder. Such a driver would start to change behavior of normally not possible scenarios. A small point maybe but some apps are coded this way.
The only thing I can think of is that the ownership and ACL changes both need to be recursively applied and hence dangerously destructive. But strange Win7 can access it. TrustedInstaller has always been enough for me unless an app was doing some special permission hacks. Especially surprising for command prompt as explorer has it's own special settings.
|