Thanks for telling about the tutorial.
I just read it and think it is a good starting point for using SuRun.
Unfortunately Mrk seemed to misunderstand a few things:
Users must enter their password is very important. It's one of the basic foundations of the SUDO mechanism.
This is not necessarily correct as SuRun does not need any password nor store it anymore. SuRun just adds the privileges of the administrators group to the existing user token.
SuRun's ask for user password option just checks if the given password is correct and then it trashes the password by writing zeros to the password RAM location.
Also Malware cannot press the "OK"-Button, so it's pretty safe to just ask for OK without a password.
Mrk's recommended options for programs in the program list are of no use.
These options are SuRun defaults for all apps in the system.
An app in the program list should have at least one of both options not in the first place checked, else it is treated as every other app in the system.
I think that Mrk did not know that SuRun asks questions on a safe desktop and thus he recommends using passwords.
I fact using passwords makes SuRun theoretically less safe, as passwords are stored in RAM (for just a millisecond) and because SuRun calls LogonUser with that password. This API could be hooked by a password spy.
But as I wrote this is just theoretically! ;-)
Thats all about what's wrong.
I really appreciate Mrk for writing this tutorial! He did a great job.
This gives me some time for not writing the english manual ;-)