|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Why Programs get written to need admin priveleges.
From: Laura A. Robinson (larobins
bellatlantic.net)
Date: Wed Sep 17 2003 - 15:43:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Whoops, I meant appcompat, not appverifier.
Laura
> -----Original Message-----
> From: Laura A. Robinson [mailto:larobinsbellatlantic.net]
> Sent: Wednesday, September 17, 2003 4:39 PM
> To: 'Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]'
> Cc: 'Mark Kovacic'; 'focus-mssecurityfocus.com'; 'Alexander Suhovey'
> Subject: RE: Why Programs get written to need admin priveleges.
>
>
> The Application Compatibility Toolkit also includes one (app
> verifier).
>
> http://www.microsoft.com/windows/appcompatibility/toolkit.mspx
>
> http://msdn.microsoft.com/library/default.asp?url=/nhp/default
> .asp?contentid=28000911
>
> Laura
>
> > -----Original Message-----
> > From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> > [mailto:sbradcpapacbell.net]
> > Sent: Wednesday, September 17, 2003 3:01 PM
> > To: larobinsbellatlantic.net
> > Cc: 'Mark Kovacic'; focus-mssecurityfocus.com; 'Alexander Suhovey'
> > Subject: Re: Why Programs get written to need admin priveleges.
> >
> >
> > There is a tool in the subscriber section of PcMag called inControl5
> > that assists in this process of determining the modifications.
> >
> > http://www.sans.org/rr/papers/5/79.pdf
> >
> > Laura A. Robinson wrote:
> >
> > > And in those cases, it's still possible to adjust without
> requiring
> > > administrative rights on the machines in question. The
> Application
> > > Compatibility Toolkit is designed specifically for these
> > situations,
> > > or the modifications can be performed (semi) manually.
> > >
> > > Laura
> > >
> > >
> > >>-----Original Message-----
> > >>From: Mark Kovacic [mailto:Mark.Kovacicbarrsystems.com]
> > >>Sent: Monday, September 15, 2003 11:49 AM
> > >>To: focus-mssecurityfocus.com
> > >>Cc: Alexander Suhovey
> > >>Subject: Why Programs get written to need admin priveleges.
> > >>
> > >>
> > >>As a programmer I can perhaps address the slightly off
> > topic Question.
> > >>
> > >>I work primarily in the windows arena, so my comments are
> specific
> > >>to there.
> > >>
> > >>Usually when a program requires high permissions to run,
> it's either
> > >>because the programmer didn't have time to research the necessary
> > >>work arounds, or as is more common, the OS requires that level of
> > >>permission for some aspect of what the application is doing.
> > >>
> > >>Mark Kovacic, Senior Systems Programmer
> > >>Barr Systems, Inc. www.barrsystems.com
> > >>352-491-3100 Mark.Kovacicbarrsystems.com
> > >>
> > >>-----Original Message-----
> > >>From: Alexander Suhovey [mailto:asuhoveymtu-net.ru]
> > >>Sent: Friday, September 12, 2003 12:36 PM
> > >>To: 'Ansgar Wiechers'; focus-mssecurityfocus.com
> > >>Subject: RE: Disabling sharing and group policies
> > >>
> > >>
> > >>>I still don't see why you won't remove your users from the local
> > >>>administrators' group and spare yourself the trouble.
> > >>
> > >>>I haven't run into a single application that couldn't
> > >>>be persuaded to run with reduced privileges.
> > >>
> > >>[Sorry if it is offtopic...]
> > >>
> > >>Why administrators must pesuade some applications to run with
> > >>reduced privileges anyway? I mean, why don't software developers
> > >>care about that in first place? Isn't that strange when you must
> > >>have Administrator privileges to just... Scan a picture? Write to
> > >>CD? Whatever *not-administrative* tasks...
> > >>
> > >>Can you please point me to some public source of
> information about
> > >>common ways to make an application to run under user
> privileges if
> > >>it won't? As I understand, one should run some
> > >>filemon- regmon-like tools to monitor application and then
> > >>make resources needed by app to be available under user
> > >>account. Is there any otner tips you can share?
> > >>
> > >>Thanks,
> > >>Al.
> > >>
> > >>
> > >>
> > >>>-----Original Message-----
> > >>>From: Ansgar Wiechers [mailto:bugtraqplanetcobalt.net]
> > >>>Sent: Thursday, September 11, 2003 12:46 AM
> > >>>To: focus-mssecurityfocus.com
> > >>>Subject: Re: Disabling sharing and group policies
> > >>>
> > >>>
> > >>>On 2003-09-10 Matthew Wagenknecht wrote:
> > >>>
> > >>>>I'm looking for a solution to keep honest people honest..
> > >>
> > >>I will be
> > >>
> > >>>>monitoring the network for Everyone shares. If I find any,
> > >>>
> > >>>I will know
> > >>>
> > >>>>that it was intentional to circumvent the Group Policy.
> > That way I
> > >>>>don't have to deal with "I didn't know any better".. I'm
> > >>>
> > >>>not looking
> > >>>
> > >>>>for a DoD implementation.
> > >>>
> > >>>I still don't see why you won't remove your users from the local
> > >>>administrators' group and spare yourself the trouble.
> Please don't
> > >>>give me that old "our applications require this" crap. I
> > haven't run
> > >>>into a single application that couldn't be persuaded to run with
> > >>>reduced privileges.
> > >>>
> > >>>Regards
> > >>>Ansgar Wiechers
> > >>>
> > >>>--------------------------------------------------------------
> > >>>-------------
> > >>>KaVaDo provides the first and only integrated Web
> > application scanner
> > >>>and firewall security suite that prevent Web
> applications attacks,
> > >>>the most common form of online exploitation. Download a FREE
> > >>>whitepaper on Security Policy Automation for Web Applications.
> > >>>http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> > >>>--------------------------------------------------------------
> > >>>-------------
> > >>>
> > >>
> > >>
> > >>--------------------------------------------------------------
> > >>----------
> > >>---
> > >>KaVaDo provides the first and only integrated Web
> > application scanner
> > >>and firewall security suite that prevent Web applications
> attacks,
> > >>the most common form of online exploitation. Download a FREE
> > >>whitepaper on Security Policy Automation for Web Applications.
> > >>http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> > >>--------------------------------------------------------------
> > >>----------
> > >>---
> > >>
> > >>
> > >>
> > >>--------------------------------------------------------------
> > >>-------------
> > >>KaVaDo provides the first and only integrated Web application
> > >>scanner and
> > >>firewall security suite that prevent Web applications
> > >>attacks, the most
> > >>common form of online exploitation. Download a FREE
> > >>whitepaper on Security Policy Automation for Web Applications.
> > >>http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> > >>--------------------------------------------------------------
> > >>-------------
> > >>
> > >
> > >
> > >
> > >
> > --------------------------------------------------------------
> > -------------
> > > KaVaDo provides the first and only integrated Web
> > application scanner and
> > > firewall security suite that prevent Web applications
> > attacks, the most
> > > common form of online exploitation. Download a FREE
> > whitepaper on Security Policy Automation for Web Applications.
> > > http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> > >
> > --------------------------------------------------------------
> > -------------
> > >
> >
> > --
> > "Don't lose sight of security. Security is a state of being,
> > not a state of budget. He with the most firewalls still does
> > not win. Put down that honeypot and keep up to date on your
> > patches. Demand better security from vendors and hold them
> > responsible. Use what you have, and make sure you know how
> > to use it properly and effectively."
> > ~Rain Forest Puppy
> > http://www.wiretrip.net/rfp/txt/evolution.txt
> >
>
---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]