There's an update for the problem described here. As already suspected, Windows Vista applies some heuristics to mark files, so users need to elevate to administrator to be able to execute those programs.
However, the "heuristics" that are applied seem to be rather simple:
According to a discussion in an MSDN forum, Vista simply takes files containing one of the words "setup", "install", "update" and some more as installer files, requiring administrator privileges. Pretty stupid.
A quick check reveals there is truth to this: the git programs which are blocked for me are git-format-patch, git-patch-id, git-update-index, git-update-ref and git-update-server-info...
Ok - then, is there a way to circumvent that behavious? Actually, I don't need to run them with admin privileges, all I need is Vista not to try to elevate; I tried to create .manifest files for the applications but with no success. MSDN actually claims the directive:
requestedExecutionLevel="asInvoker"
would suffice. In my tests, the security shield icon was removed when I had created the manifest file, but the program still required the admin privs. At one point I finally gave up trying to find the elegant solution and deactivated UAC in Vista. I have to live with a red security icon in the system try now, but git works as expected...
