If an installer is run elevated, the installed files will be typically 
owned by the local administrator (or in some cases SYSTEM or 
TrustedInstaller) instead of the current user. This is not the case for 
a Cygwin "All Users" installation. The files are then not protected from 
accidental changes by this user.

The attached patch adds an experimental --chown-admin option which 
allows (new) installations owned by local administrator user and group.

A drawback is that files generated by postinstall scripts are still 
owned by current user + "None" group. It should be possible to fix this 
with some perpetual preremove+postinstall scripts.

I also don't know whether this may break some postinstall scripts.

BTW: 'nt_sec.setDefaultSecurity (isAdmin)' is never called with 
'isAdmin==true' as 'root_scope' is always 0.

-- 
Regards,
Christian