As long there remains the possibility that this utility can be misused to elevate one's rights, I will be on you like a dog on a postman's leg. There are way too many admins that will not think through all the security implications and unleash this utility with a tokenized file thinking that it is secure.

I don't mean to disparage DOC, but during an MSN chat, it became clear to me that he did not catch the drift of what I said in this thread and he is a smart person! In the interest of clarity, I will reiterate my concern.

When you create a tokenized file that will run AppA.exe with elevated rights, all the user needs to do is to replace AppA.exe with another app that has the same name, and it will run with the same elevated rights!
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.