Windows: Fix installation directory permissions

For new installs, change owner rather than giving 'F' permission to Users group
For existing installs, change owner and change 'F' permission to 'RX' for Users group
Local privilege escalation vulnerability
Introduced 2009-06-11, released in 0.7.5 2009-06-29
Reported by Juilo Cesar Fort of Blaze Information Security 2020-04-28

installer/install.xml

@@ -19,21 +19,6 @@
          -->
 
         <!-- adding this element will make the installer attempt to launch itself with administrator permissions,
-             but see http://www.nabble.com/Classpath-security-issues-on-Vista-td22456230.html
-             which says it isn't sufficient:
-
-		Just to let you know that I managed to identify and resolve the problem (in
-		case anyone else has it).  The default installation directory for Vista is
-		under "Program Files" which is a "special" directory which can only be
-		written to (create sub-directories) by administrators.  However, stupid
-		Vista downgrades an administrator to a normal user when the program is run
-		via the application shortcut menu.  As you suggested, I added a script which
-		runs ICACLS which resolved the problem, i.e.
-
-		icacls %1 /grant Users:F /T > priv.log
-
-		The command needs to be run as a Process rather than as an executable tag in
-		order to pass $INSTALL_PATH as a parameter.
          -->
         <run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>
     </info>
@@ -263,7 +248,7 @@
                 </args>
             </executable>
 
-            <!-- workaround for vista permission problems - see comments above -->
+            <!-- change owner to %username% so updates will work -->
             <executable targetfile="$INSTALL_PATH/fixperms.bat" type="bin" stage="postinstall" keep="true" failure="warn"
                 condition="!izpack.windowsinstall.xp+!izpack.windowsinstall.2003" >
                 <os family="windows" />