user level access problems: from CD

From: dataclaus1@hushmail.com
Date: 04/17/03

  • Next message: Jon R. Kibler: "Does In-Place Upgrade of Microsoft Exchange Create Open Relays?" 
    Date: Thu, 17 Apr 2003 10:14:59 -0700
To: focus-ms@securityfocus.com
From: <dataclaus1@hushmail.com>

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    List:

    We have a product whose company has turned to vapor. This 16-bit product
    (EZView Vault by 'Imaging Institute') was/is used to scan/archive paper
    documents and burn them to a specially secured CD. Setting aside the
    fact that we should no longer use it, we have to continue to access the
    CD's because of a record retention period.

    Problem:
    The product was designed to autorun when inserted, and apparently does
    registry modification and system changes each time it is run. These
    are things that persons with only User Level access under WIN2K domain
    security architecture are not able to change, so the program just hangs.

    I have tried using Filemon (Sysinternals) to see what files it accesses
    (and perhaps modify the permissions) but have not been able to gain useful
    results (could be my ineptness). I have also tried copying the CD to
    hard disk, (even with display all files [including system] set) and then
    the program pops up 'cannot find ultra security file' which must be hidden
    in the MBR on the CD or something.

    Question:
    Do any of you nice folks out there know how to set run permissions for
    a program that is on removable meida so that when it is seen by Windows
    it does not prohibit its running by user-level people? The 'client'
    viewing program is bundled on each CD--does that make a difference?

    Thanks,

    cm
    -----BEGIN PGP SIGNATURE-----
    Version: Hush 2.2 (Java)
    Note: This signature can be verified at https://www.hushtools.com/verify

    wl8EARECAB8FAj6e4QgYHGRhdGFjbGF1czFAaHVzaG1haWwuY29tAAoJEMX8YnuPyP0P
    enQAn2rPqTJ9UbpvcfxdXLuIt4jMuhvDAJ41DgLmvZIAYI4DesSLLjYtyltuPA==
    =h0C3
    -----END PGP SIGNATURE-----

    Concerned about your privacy? Follow this link to get
    FREE encrypted email: https://www.hushmail.com/?l=2

    Big $$$ to be made with the HushMail Affiliate Program:
    https://www.hushmail.com/about.php?subloc=affiliate&l=427

    -----------------------------------------------------------------------------
    Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    world's premier event for IT and network security experts. The two-day
    Training features 6 hand-on courses on May 12-13 taught by professionals.
    The two-day Briefings on May 14-15 features 24 top speakers with no vendor
    sales pitches. Deadline for the best rates is April 25. Register today to
    ensure your place. http://www.securityfocus.com/BlackHat-focus-ms
    ------------------------------------------------------------------------------

  • Next message: Jon R. Kibler: "Does In-Place Upgrade of Microsoft Exchange Create Open Relays?"
    • Quantcast