|
|
Focus on Microsoft
RE: Disabling sharing and group policies Sep 10 2003 12:43PM Matthew Wagenknecht (Matthew Wagenknecht quantum com) (1 replies) Re: Disabling sharing and group policies Sep 10 2003 08:46PM Ansgar Wiechers (bugtraq planetcobalt net) (1 replies) |
|
Privacy Statement |
> local administrators' group and spare yourself the trouble.
> I haven't run into a single application that couldn't
> be persuaded to run with reduced privileges.
[Sorry if it is offtopic...]
Why administrators must pesuade some applications to run with reduced
privileges anyway? I mean, why don't software developers care about that in
first place? Isn't that strange when you must have Administrator privileges
to just... Scan a picture? Write to CD? Whatever *not-administrative*
tasks...
Can you please point me to some public source of information about common
ways to make an application to run under user privileges if it won't? As I
understand, one should run some filemon- regmon-like tools to monitor
application and then make resources needed by app to be available under user
account. Is there any otner tips you can share?
Thanks,
Al.
> -----Original Message-----
> From: Ansgar Wiechers [mailto:bugtraq (at) planetcobalt (dot) net [email concealed]]
> Sent: Thursday, September 11, 2003 12:46 AM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: Re: Disabling sharing and group policies
>
>
> On 2003-09-10 Matthew Wagenknecht wrote:
> > I'm looking for a solution to keep honest people honest.. I will be
> > monitoring the network for Everyone shares. If I find any,
> I will know
> > that it was intentional to circumvent the Group Policy. That way I
> > don't have to deal with "I didn't know any better".. I'm
> not looking
> > for a DoD implementation.
>
> I still don't see why you won't remove your users from the
> local administrators' group and spare yourself the trouble.
> Please don't give me that old "our applications require this"
> crap. I haven't run into a single application that couldn't
> be persuaded to run with reduced privileges.
>
> Regards
> Ansgar Wiechers
>
> --------------------------------------------------------------
> -------------
> KaVaDo provides the first and only integrated Web application
> scanner and
> firewall security suite that prevent Web applications
> attacks, the most
> common form of online exploitation. Download a FREE
> whitepaper on Security Policy Automation for Web Applications.
> http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> --------------------------------------------------------------
> -------------
>
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]