As a security tester, we need to ensure that our product works under minimal privilege. Yes, test machines are set up to test with minimal privilege, but my day-to-day email machine is set up with admin privilege. Although it is a threat to run under admin, it was more threatening to inflict myself with the hassles of running as non-admin. As an extremely paranoid person, I have so many novice questions: Do I need to reboot all the time if I need admin privilege? Will my apps continue to function properly? Will I get blue screen for no reasons?
One fine day, I decided to switch from admin to power user. Granted that power user is almost an admin, it should be a good start to run my box as non-admin. After several days, I did not find any differences with Office applications and other well-known ones, such as IE.
Until I need to unblock an application on my SP2 firewall do I have a problem. The problem can easily be circumvented by using “runas /user:mymachine\administrator control firewall.cpl” and enter my password. After the command, I run firewall.cpl as admin, and unblock my application. Finally, close the firewall app.
Voila, I am happy again with running my box as non-admin.