And now for something completely different... While setting up SRP on a Windows Vista installation using the group policy editor, I noticed that even with a default deny policy I could still execute any program on my second NTFS partition (drive D by Windows reckoning). This is very convenient, but it's also a major security hole, because drive D is world writable. Furthermore, if the same applies to CDs and USB sticks, that leaves the Vista machine easily open to infection. Is this a limitation of SRP? A Vista bug? Is it fixable?