Understanding Windows User Permissions, Privilege Dropping, and Elevation (UAC)

Windows permissions define the access rights of different accounts to files, folders, the registry, and other system resources, with three main levels: system (higher than administrator), administrator (built‑in highest‑privilege account), and user (members of the Users group with limited rights).

Permission inheritance means that a child process inherits the UAC token of its parent, so processes can run with reduced or elevated privileges depending on the scenario.

Running programs with administrator and non‑administrator rights cannot communicate via Windows IPC mechanisms, and files created by an elevated process may be immutable to non‑elevated users, highlighting the need for privilege dropping.

Common privilege‑dropping methods include launching applications through explorer.exe , which runs with standard user rights; using explorer D:\path\app.exe can start an executable at the same privilege level as Explorer.

Privilege‑elevation (UAC) in Windows Vista and later assigns a low‑privilege token to processes even for administrator accounts; when a program requires higher rights, the UAC prompt appears, and the user can approve elevation.

Elevation can be performed programmatically by calling the ShellExecuteEx API with the runas verb, which requests administrator rights; ShellExecute and ShellExecuteEx can also be used for privilege dropping when invoked without runas .

The article concludes that understanding Windows permissions, UAC, and the appropriate use of Explorer and system APIs enables developers and security testers to manage privilege levels effectively during installation, execution, and uninstallation of applications.