SRP broken in Vista?

And now for something completely different...

While setting up SRP on a Windows Vista installation using the group policy editor, I noticed that even with a default deny policy I could still execute any program on my second NTFS partition (drive D by Windows reckoning). This is very convenient, but it's also a major security hole, because drive D is world writable. Furthermore, if the same applies to CDs and USB sticks, that leaves the Vista machine easily open to infection.

Is this a limitation of SRP? A Vista bug? Is it fixable?

 

Ran a quick test and working fine on all my secondary partitions and drives under Vista Enterprise. SRP that is, not the programs - they didn't work at all.

 

Possible causes
a) You did not change the default to basic user or deny.
b) You are not using UAC

 

Thanks, the problem was UAC being turned off. D'oh!

 

JUST ANOTHER REASON TO NEVER TURN UAC OFF THE CONVENTIONAL WAY...

...do a search here about the registry or gpedit ways to turn off the interactive prompt part of it (if that bothers you; I still recommend leaving it all alone) while leaving the back end system on.