Mis-understandings about Limited/Standard User Accounts (LUA/SUA)

The following is a post as part of a dicussion on Wilders (be careful what you read on Wilders - there is a lot of mis-information there...but I guess most forums suffer from this issue) about installing new software as a limited user:

http://www.wilderssecurity.com/showpost.php?p=1665773&postcount=68

Yet another achilles heel of DW is what takes place when you want to install a new software. As an example I shall refer to a hypothetical download called "setup.exe" which IS a malware for purposes of this example.

Under DW, setup.exe will arrive in untrusted status. As such, setup.exe has zero ability to do any real damage to your computer.

HOWEVER, installing an untrusted software is a PITN. So you will (I hope) scan setup.exe for malware and, if it passes muster, you will then convert it to trusted status.

So, in this example, a malware has slipped by your scanner (it happens sometimes).

Once the malware is in trusted status, DW no longer offers protection. IF you are running as Admin user when you install that malware and execute it, then that malware will have freedom to do pretty much any & all damage that it wants to do, and DW won't interfere.

Unlike DW, Online Armor (OA) gives you an EASY option for installing software safely EVEN IF you choose always to run as Admin user and EVEN IF that software turns out to be malware.

Namely, OA allows you easily to click setup.exe into Run Safer mode, thereby eliminating 99.999999% of that software's ability, as a malware, to do any lasting damage to your computer.

Kees often advocates running most times as Limited user (LUA). He is right, of course. IF I am in LUA status, DW is 99.99999% bullet-proof, even when installing software. But I am a lazy hard-head & always run as Admin so, in my case, I really need Run Safer.

There appears to be a clear mis-undestanding about what a limited user can and can't do. The limited user by default cannot install programs without administrator rights. Why? Because almost every program out there writes to C:\Program Files and/or C:\Windows. And remember, limited users cannot write to these areas!

The RunSafer feature by Online Armor (OA) is simply a way to strip down selected applications to run with limited rights (equivalent to running the application in a LUA, which by the way is a feature already built into Windows!). Therefore, attempting to install programs with OA's RunSafer module will not work 99% of the time - usually the installer will state that it needs admin rights to continue or it will just fail miserably to install anything in the first place.

Just a note that DefenseWall essentially attempts to mirror what a LUA does (although it has many more policy blocking aspects by default compared to a LUA). Therefore, attempting to install programs as "untrusted" with DefenseWall will often fail as well.