Why is WPF so unsafe that it must flag its Windows as 'unmanaged'?

I'm re-writing the front end to my service and for my installer to update the registry it will require (for Vista and 7 HP users) a request to authenticate (like Administrator privilege).

http://msdn.microsoft.com/en-us/library/ms748948.aspx states that WPF's Window requires "UnmanagedCode security permission". What are the implications, in terms of security prompts, of changing the front 开发者_如何学运维end from Win Forms to WPF? Is it really that much more flexible than Forms that it has to break all the safety guarantees I have only just embraced with .NET and managed Forms?

This is only an issue when running in restricted trust (in-browser applications such a ClickOnce or XBAPs).
Such applications cannot freely create popup windows; this prevents phishing attacks.

As MSDN clearly states, this is not an issue for applications executed from the local machine.
It has nothing to do with administrative privileges.

Keep reading the linked docs:

Window requires UnmanagedCode security permission to be instantiated. For applications installed on and launched from the local machine, this falls within the set of permissions that are granted to the application.

However, this falls outside the set of permissions granted to applications that are launched from the Internet or Local intranet zone using ClickOnce. Consequently, users will receive a ClickOnce security warning and will need to elevate the permission set for the application to full trust.

As long as the app is launched as a local application, there shouldn't be any prompts.