It was a group at one time, Jimmy, and removed before RTM.
Hmm ... didn't notice that during the beta
. The TrustedInstaller service
ownership of the files is a good example of the new ability for services to
be associated with a security principle. I hope third-party service
developers use this feature! I imagine with Vista's new tight security model
in "userland", many more malware authors will start looking for exploits in
privileged third-party services.
Thanks for the "take ownership" info (figured something would eventually
work but get nervous when folks want to remove default system files).
You're welcome
.
I agree ... changing/removing system files manually is a *BAD* idea in most
cases. But, even though MS has made it more difficult to do, it is important
people realize that it is still possible.
If it's easy for the user to do, it will be even easier for malware to do.
This is one of the few times that taking ownership of files is required.
Most of the time it is not necessary. The only thing ownership means from a
security standpoint is "This account can look at and change permissions,
even if not explicitly granted in the permission list". The actual
permission list is what is important - taking ownership is only necessary if
you are locked out of changing permissions.
--
- JB
Microsoft MVP - Windows Shell/User
Windows Vista Support Faq
http://www.jimmah.com/vista/