Generally, two types of accounts are used to log a user on to a computer's operating system. One has nearly unlimited rights, often called an administrator account with root privilege, the other has limited rights (less privilege), often called a standard user account. Standard user accounts permit some tasks but prohibit others. They permit most applications to run on the computer but often prohibit installation of an application, alteration of the computer's system settings and execution of certain applications. Administrator accounts with root privilege, on the other hand, generally permit most if not all tasks.
Not surprisingly, many users log on to their computers with administrator accounts so that they may, in most cases, do whatever they want. There are significant risks involved in using administrator accounts. Malicious code may, in some cases, perform whatever tasks are permitted by the account currently in use, such as installing and deleting applications and files—potentially highly damaging tasks while impersonating the current user of the computer—thus, if a user is logged on with an administrator account, the malicious code may perform dangerous tasks permitted by that account.
To reduce these risks, a user may instead log on with a standard user account. Logging on with a standard user account may reduce these risks because the standard user account may not have the right to permit malicious code to perform many dangerous tasks. If the standard user account does not have the right to perform a task, the operating system may prohibit the malicious code from performing that task. For this reason, using a standard user account may be safer than using an administrator account.
The user may be prohibited from performing legitimate tasks—like installing a file known to be safe. To install this file, the user may need to switch to an account that has a right to permit the task. To do so with relative safety, the user may need to log off from the standard user account, log on to an administrator account, install the file, log off from the administrator account and then log back on with the standard user account. This is disruptive.
To reduce this disruption, a user's rights may temporarily be elevated to permit a desired task. For example, the user's rights may be elevated to those corresponding to rights held by an administrator account. Thus, a user may temporarily use the privileges of the selected account so that the task may be run to completion. Once the task is completed, the rights of the user may then return to those of his or her account such that these temporary privileges cease. In U.S. Pat. No. 7,617,530 there are described systems and/or methods that enable a user to elevate his or her rights.