TrustedInstaller User?

permalink · 02-26-2007

I ran icacls on c:\windows and noticed a account called NT
Service\TrustedInstaller that has full access to the directory. But I cannot
find this account in the list of users on the my Vista Machine.
Research shows that this is the account used by Vista installation service
for installing applications. But Task Manager does not show any service or
process running under that account.

Can someone demistify where this account resides and which service uses
this? Can I create additional directories and only allow this account to
create/write files to it?

permalink · 02-26-2007

> I ran icacls on c:\windows and noticed a account called NT
> Service\TrustedInstaller that has full access to the directory. But I cannot
> find this account in the list of users on the my Vista Machine.
> Research shows that this is the account used by Vista installation service
> for installing applications. But Task Manager does not show any service or
> process running under that account.

TrustedInstaller _is_ the Installer service. It is actually a Service SID
representing that service. The fact that it is the only thing that has write
permission to system binaries means that it is the only thing that can update
them (without jumping through hoops).

Yes, you can make that account the only thing that has permissions. It is
treated as any other account for access checking purposes.

02-26-2007	#1 (permalink)
RockyD Guest n/a posts	TrustedInstaller User? I ran icacls on c:\windows and noticed a account called NT Service\TrustedInstaller that has full access to the directory. But I cannot find this account in the list of users on the my Vista Machine. Research shows that this is the account used by Vista installation service for installing applications. But Task Manager does not show any service or process running under that account. Can someone demistify where this account resides and which service uses this? Can I create additional directories and only allow this account to create/write files to it?
My System Specs

02-26-2007	#2 (permalink)
Jesper Guest n/a posts	RE: TrustedInstaller User? > I ran icacls on c:\windows and noticed a account called NT > Service\TrustedInstaller that has full access to the directory. But I cannot > find this account in the list of users on the my Vista Machine. > Research shows that this is the account used by Vista installation service > for installing applications. But Task Manager does not show any service or > process running under that account. TrustedInstaller _is_ the Installer service. It is actually a Service SID representing that service. The fact that it is the only thing that has write permission to system binaries means that it is the only thing that can update them (without jumping through hoops). Yes, you can make that account the only thing that has permissions. It is treated as any other account for access checking purposes.
My System Specs

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Is there a way to disable TrustedInstaller?	Brian Kitt	Vista performance & maintenance	6	06-03-2008 05:25 PM
TrustedInstaller.exe	kingamoon	Vista General	6	01-08-2008 07:28 PM
TrustedInstaller.exe process	Piotr Wozniacki	Vista installation & setup	1	09-21-2007 04:45 PM
WMP 11 and trustedinstaller.exe	Mark Veldhuis	Vista music pictures video	0	06-22-2007 11:16 AM
TrustedInstaller	CZ	Vista security	1	06-23-2006 10:09 PM