As a long-time Windows 7 user I never cease to be amazed (pronounced perplexed) with the various nuances of the Windows 7 implementation of security. I have always been under the impression that all tasks/processes launched during a logged-in session will inherit the privileges of the logged-in user (username). In my case, I always am logged-in using a username that I know has Administrator privilege.
However, recently when launching Task Manager I then attempt to change the priority of a process, or initiate a mini-dump (.DMP) for a process, I am presented with an Unable to Access error. My suspicion is that Task Manager does not have sufficient (elevated) privilege to carry out the requested function. Yet, I thought that Task Manager would assume (inherit) the privilege of my logged-in user (having Administrator privilege). Am I under an incorrect assumption?
I have also noticed (again perplexed) that sometimes when calling upon Windows Explorer to carry out a Delete, or Rename function will be rejected; again, Win Explorer was launched while logged-in using my user with Administrator. Is it fair to assume that Explorer has not inherited the Administrator privilege? I understand that the Explorer stack is running continually, which may make it a different animal.
I am also perplexed when (via Win Explorer) drilling down Properties > Security for a directory (a folder by any other name is STILL a directory, call me old school) that one is rarely able to designate Full Control for the CREATOR/OWNER), likewise for SYSTEM. Also using the Take Ownership on a major directory node is intimidating- not knowing all of the implications of sub-directory inheritance.
I guess I need a refresher course on the intricacies of Windows Security. Color me ignorant (but still frustrated).