BugTraq
Back to list
|
Post reply
LocalSystem account in Windows 2000/XP
Apr 04 2003 09:41PM
Pavel (hiddenrecipient email com)
Hello everybody,
Here is a couple of my observations on Windows 2000/XP LocalSystem account.
Originally (NT4) the paradigm of this account was declared by MS as the
following:
1. This account doesn't require athentication on the local computer.
2. It has unlimited rights on the local computer.
3. No network resources can be accessed using this account.
Now, that's what we see in Windows 2000:
1. LocalSystem is still the main account under which the most of system
services run.
2. LocalSystem has unlimited privileges on Active Directory objects. It is
true for all of the partitions located in the AD database. So, any process
running under LocalSystem on any of domain controllers can easily crash
the whole forest just by erasing Schema or Configuration objects. And that
becomes not funny, you need to control every single backup operator as
well as patch thoroughly every single buffer overflow vulnerabilities in
system services and apps.
3. Here is another surprise coming. Now the LocalSystem account is able to
access other computer's shared resources. Basically, its rights are equal
to ones of "Users" or "Domain Users". So you don`t need to be
authenticated by domain at all to access domain resources shared
for "Users" only.
Has anything changed in Microsoft's vision of the System account?
What are documented security features of this account?
Thanks
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Hello everybody,
Here is a couple of my observations on Windows 2000/XP LocalSystem account.
Originally (NT4) the paradigm of this account was declared by MS as the
following:
1. This account doesn't require athentication on the local computer.
2. It has unlimited rights on the local computer.
3. No network resources can be accessed using this account.
Now, that's what we see in Windows 2000:
1. LocalSystem is still the main account under which the most of system
services run.
2. LocalSystem has unlimited privileges on Active Directory objects. It is
true for all of the partitions located in the AD database. So, any process
running under LocalSystem on any of domain controllers can easily crash
the whole forest just by erasing Schema or Configuration objects. And that
becomes not funny, you need to control every single backup operator as
well as patch thoroughly every single buffer overflow vulnerabilities in
system services and apps.
3. Here is another surprise coming. Now the LocalSystem account is able to
access other computer's shared resources. Basically, its rights are equal
to ones of "Users" or "Domain Users". So you don`t need to be
authenticated by domain at all to access domain resources shared
for "Users" only.
Has anything changed in Microsoft's vision of the System account?
What are documented security features of this account?
Thanks
[ reply ]