Windows Vista
The good news, if you can wait until probably late 2006, is that Microsoft is going to great pains to make all of this stuff easier in Windows Vista (the next version of Windows, which the world has known as Longhorn for the last few years). Vista has greatly expanded support for running as a LUA. Most importantly, in Vista you're either an admin or a LUA, with no middle ground. If you're running as a LUA, Windows itself provides a graceful degradation when the app encounters a permissions problem.
Three nice features in Vista will make LUA far more realistic for most users:
- Application Impact Management provides a virtualized view of system resources so that even LUAs can read and write protected areas. But the changes are made to the virtualized view of the resource, a sort of temporary copy of the user's security context that is not saved permanently when the user logs off. It's like a virtual PC view into your own computer. This feature will eliminate many of the problems accessing resources, but also may cause data loss when the user logs off. It sounds like a cool feature, but we'll have to wait for the final implementation to see how useful it is.
- The Protected Administrator feature allows users to always run as an administrator. You have to explicitly specify any applications that actually get administrative privileges. Normal applications run with a special restricted token but specified applications run with admin rights.
- HyperVisor is an ad hoc virtual PC session that disappears when it's done. Using a HyperVisor session, you can do unsafe things like visit rogue web sites and open email attachments with abandon. Once you're done, you shut down the session and all changes disappear. You can do the same sort of thing today with either Virtual PC or VMware Desktop, but HyperVision will be built into Windows.
One caution: The history of Longhorn has been one of great stories and visions from Microsoft, but they have been steadily removing features as the shipping date got pushed out further and further into the millennium. Any or all of these features are likely to change or disappear by the time Windows Vista finally ships, or even better features might be introduced.