Without Configuration every user can elevate to admin ?

[DaStivi]

Hi, i just installed makeMeAdmin (with local admin, of course) but without any configuration each user can elevate to admin afterwards?? i didn't have done any GPOs nor do i see any precreated regkeys...

in my opinion, even if config would be forced from GPO it could be possible to wipe the registry policys and afterwards without any config every user can elevate?

[pseymour]

Yes, it's like that by default. I've thought about changing it, but that could be a breaking change for some. I still might do it, but I would have to bump the major version number to let people know there's a significant change.

It's true that if someone wants to be malicious, they could wipe the registry policies, although GPO would eventually put them back. But if Make Me Admin defaulted to closed-off, a bad actor could also modify whatever default policy was in place to allow themselves or everyone. You're trusting people to be responsible with admin rights.