A posting on TechNet (by Jesper Johansson) discusses Vista Security changes. Jesper points out a few
- Accounts created during setup become administrators programs execute with Ambient Authority (administrative privileges, with free access to the file system.
- Default ACLs includes ACL entries for Everyone, Power Users, etc, this includes the default ACL for C:\ gave Read and Create access to Everyone.
- Limitations exist on ACLs to assign permissions to the an object that changes owner - permissions were not transferred.
- Owners have implicit rights to an object, no matter what permissions they need.
Read the full posting http://technet.microsoft.com/en-us/magazine/cc138011.aspx