Whoa - so much for the security refresh in Vista - it's broken by design - installers run with admin privileges, even if the account they are running from doesn't have them.
"[When] you try to run such a program, you get a UAC prompt and you have only two choices: either to agree to run this application as administrator or to disallow running it at all. That means that if you downloaded some freeware Tetris game, you will have to run its installer as administrator, giving it not only full access to all your file system and registry, but also allowing it to load kernel drivers! Why should a Tetris installer be allowed to load kernel drivers?," Rutkowska asked in a post on her Invisible Things blog.
So that's just astonishing - I can disallow an installer, or I can pray that it does nothing wrong - but I can't run it in limited access mode. That's just stupid, and it makes the rest of Vista's security fixes fairly worthless. If I'm happy with a "trust the source" method of security, I may as well let my browser run anything, on the theory that I won't visit untrusted sources.