New
#41
I have a question. What is high integrity level?
I doubt that I should be the one to explain it, but I'll try:
The levels are sort of like account types, in that:
Admin accounts can do certain things and access certain folders/files.
Standard user accounts can do fewer things and access fewer folders/files.
Programs running at the high integrity level can do certain things and access certain folders/files.
Programs running at the medium integrity level can do fewer things and access fewer folders/files.
Programs running at the low integrity level can do even fewer things and access even fewer folders/files.
There are more integrity levels than those 3; but hopefully, you get my point.
Some night when you cannot sleep, read this this long post:
MSE worries
...that post has been known to cure insomnia
If anyone finds any flaws or typos in that long post, please let me know.
For those that don't want to read that long post, the executive summary is:
Don't turn off the UAC - unless you have another way to handle app integrity levels.
Don't run apps (especially a browser that is loading Flash) at the high (or system) integrity level.
Yep - but I could have just linked to the words of others to explain it.
Instead, I rambled on in my own words from memory...
...thus my caveat that you quoted
The wiki link above is somewhat dated. It does not cover how Chrome handles integrity levels and there are some statements in that article that I'm not too sure about:
(e.g. "Consequently, a process cannot interact with another process that has a higher IL.")
I understand that the wiki article attempts to be brief - thus not every statement will be true 100% of the time; but there is definitely interaction between IE's "parent" process that runs at the medium level and IE's "children" processes (the tabs) that run at the "low" level.
I cannot find the article right now, but I seem to recall at one of these "find the flaw" competitions - some group managed to elevate the Chrome browser to the System Integrity Level. That is one huge flaw.
But - back on topic:
Since I think that I was the first to speak ill of the program...
...I hope that the OP's subsequent silence was not my fault.