Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: dcdave (dcdaveatt.net)
Date: Tue Jun 19 2001 - 12:00:03 CDT
Sudo, and the equivalents I've seen, allow for a configurable password
separate from the admin password, and allow you (the admin) to configure
pretty specifically what commands/services can be accessed at what levels.
The problem I see here is on MS products, once you are running and
configuring IIS, you pretty much have the keys to the kingdom (thank you,
----- Original Message -----
From: "Michael Leone" <turgonmike-leone.com>
To: "Gustavo Basualdo" <guasamanhotmail.com>; <focus-mssecurityfocus.com>
Sent: Monday, June 18, 2001 1:26 PM
Subject: Re: sudo for windows
> ----- Original Message -----
> From: "Gustavo Basualdo" <guasamanhotmail.com>
> To: <focus-mssecurityfocus.com>
> Sent: Friday, June 15, 2001 7:25 PM
> Subject: sudo for windows
> > I need the equivalent of UX sudo utility for Windows meaining what i
> > do is give a standard user the ability to run an application (i.e. IIS)
> > an administrator without having to enter the admin password account to
> > (thats why runas or RKit su.exe wont work).
> I've never seen a sudo implementation (on Linux, anyway) that did NOT ask
> for the admin password. Consider - if it doesn't ask for the admin
> that's the same as the admin having NO password, since anyone can be
> with no password.
> Do you want them to run an APPLICATION or a SERVICE? IIS is a service, not
> an app.