RE: Why Programs get written to need admin priveleges.

From: Laura A. Robinson (larobins_at_bellatlantic.net)
Date: 09/17/03

  • Next message: Sergey V. Gordeychik: "RE: Disabling sharing and group policies" 
    To: <larobins@bellatlantic.net>, "'Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]'" <sbradcpa@pacbell.net>
Date: Wed, 17 Sep 2003 16:43:13 -0400

    Whoops, I meant appcompat, not appverifier.

    Laura

    > -----Original Message-----
    > From: Laura A. Robinson [mailto:larobins@bellatlantic.net]
    > Sent: Wednesday, September 17, 2003 4:39 PM
    > To: 'Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]'
    > Cc: 'Mark Kovacic'; 'focus-ms@securityfocus.com'; 'Alexander Suhovey'
    > Subject: RE: Why Programs get written to need admin priveleges.
    >
    >
    > The Application Compatibility Toolkit also includes one (app
    > verifier).
    >
    > http://www.microsoft.com/windows/appcompatibility/toolkit.mspx
    >
    > http://msdn.microsoft.com/library/default.asp?url=/nhp/default
    > .asp?contentid=28000911
    >
    > Laura
    >
    > > -----Original Message-----
    > > From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
    > > [mailto:sbradcpa@pacbell.net]
    > > Sent: Wednesday, September 17, 2003 3:01 PM
    > > To: larobins@bellatlantic.net
    > > Cc: 'Mark Kovacic'; focus-ms@securityfocus.com; 'Alexander Suhovey'
    > > Subject: Re: Why Programs get written to need admin priveleges.
    > >
    > >
    > > There is a tool in the subscriber section of PcMag called inControl5
    > > that assists in this process of determining the modifications.
    > >
    > > http://www.sans.org/rr/papers/5/79.pdf
    > >
    > > Laura A. Robinson wrote:
    > >
    > > > And in those cases, it's still possible to adjust without
    > requiring
    > > > administrative rights on the machines in question. The
    > Application
    > > > Compatibility Toolkit is designed specifically for these
    > > situations,
    > > > or the modifications can be performed (semi) manually.
    > > >
    > > > Laura
    > > >
    > > >
    > > >>-----Original Message-----
    > > >>From: Mark Kovacic [mailto:Mark.Kovacic@barrsystems.com]
    > > >>Sent: Monday, September 15, 2003 11:49 AM
    > > >>To: focus-ms@securityfocus.com
    > > >>Cc: Alexander Suhovey
    > > >>Subject: Why Programs get written to need admin priveleges.
    > > >>
    > > >>
    > > >>As a programmer I can perhaps address the slightly off
    > > topic Question.
    > > >>
    > > >>I work primarily in the windows arena, so my comments are
    > specific
    > > >>to there.
    > > >>
    > > >>Usually when a program requires high permissions to run,
    > it's either
    > > >>because the programmer didn't have time to research the necessary
    > > >>work arounds, or as is more common, the OS requires that level of
    > > >>permission for some aspect of what the application is doing.
    > > >>
    > > >>Mark Kovacic, Senior Systems Programmer
    > > >>Barr Systems, Inc. www.barrsystems.com
    > > >>352-491-3100 Mark.Kovacic@barrsystems.com
    > > >>
    > > >>-----Original Message-----
    > > >>From: Alexander Suhovey [mailto:asuhovey@mtu-net.ru]
    > > >>Sent: Friday, September 12, 2003 12:36 PM
    > > >>To: 'Ansgar Wiechers'; focus-ms@securityfocus.com
    > > >>Subject: RE: Disabling sharing and group policies
    > > >>
    > > >>
    > > >>>I still don't see why you won't remove your users from the local
    > > >>>administrators' group and spare yourself the trouble.
    > > >>
    > > >>>I haven't run into a single application that couldn't
    > > >>>be persuaded to run with reduced privileges.
    > > >>
    > > >>[Sorry if it is offtopic...]
    > > >>
    > > >>Why administrators must pesuade some applications to run with
    > > >>reduced privileges anyway? I mean, why don't software developers
    > > >>care about that in first place? Isn't that strange when you must
    > > >>have Administrator privileges to just... Scan a picture? Write to
    > > >>CD? Whatever *not-administrative* tasks...
    > > >>
    > > >>Can you please point me to some public source of
    > information about
    > > >>common ways to make an application to run under user
    > privileges if
    > > >>it won't? As I understand, one should run some
    > > >>filemon- regmon-like tools to monitor application and then
    > > >>make resources needed by app to be available under user
    > > >>account. Is there any otner tips you can share?
    > > >>
    > > >>Thanks,
    > > >>Al.
    > > >>
    > > >>
    > > >>
    > > >>>-----Original Message-----
    > > >>>From: Ansgar Wiechers [mailto:bugtraq@planetcobalt.net]
    > > >>>Sent: Thursday, September 11, 2003 12:46 AM
    > > >>>To: focus-ms@securityfocus.com
    > > >>>Subject: Re: Disabling sharing and group policies
    > > >>>
    > > >>>
    > > >>>On 2003-09-10 Matthew Wagenknecht wrote:
    > > >>>
    > > >>>>I'm looking for a solution to keep honest people honest..
    > > >>
    > > >>I will be
    > > >>
    > > >>>>monitoring the network for Everyone shares. If I find any,
    > > >>>
    > > >>>I will know
    > > >>>
    > > >>>>that it was intentional to circumvent the Group Policy.
    > > That way I
    > > >>>>don't have to deal with "I didn't know any better".. I'm
    > > >>>
    > > >>>not looking
    > > >>>
    > > >>>>for a DoD implementation.
    > > >>>
    > > >>>I still don't see why you won't remove your users from the local
    > > >>>administrators' group and spare yourself the trouble.
    > Please don't
    > > >>>give me that old "our applications require this" crap. I
    > > haven't run
    > > >>>into a single application that couldn't be persuaded to run with
    > > >>>reduced privileges.
    > > >>>
    > > >>>Regards
    > > >>>Ansgar Wiechers
    > > >>>
    > > >>>--------------------------------------------------------------
    > > >>>-------------
    > > >>>KaVaDo provides the first and only integrated Web
    > > application scanner
    > > >>>and firewall security suite that prevent Web
    > applications attacks,
    > > >>>the most common form of online exploitation. Download a FREE
    > > >>>whitepaper on Security Policy Automation for Web Applications.
    > > >>>http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    > > >>>--------------------------------------------------------------
    > > >>>-------------
    > > >>>
    > > >>
    > > >>
    > > >>--------------------------------------------------------------
    > > >>----------
    > > >>---
    > > >>KaVaDo provides the first and only integrated Web
    > > application scanner
    > > >>and firewall security suite that prevent Web applications
    > attacks,
    > > >>the most common form of online exploitation. Download a FREE
    > > >>whitepaper on Security Policy Automation for Web Applications.
    > > >>http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    > > >>--------------------------------------------------------------
    > > >>----------
    > > >>---
    > > >>
    > > >>
    > > >>
    > > >>--------------------------------------------------------------
    > > >>-------------
    > > >>KaVaDo provides the first and only integrated Web application
    > > >>scanner and
    > > >>firewall security suite that prevent Web applications
    > > >>attacks, the most
    > > >>common form of online exploitation. Download a FREE
    > > >>whitepaper on Security Policy Automation for Web Applications.
    > > >>http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    > > >>--------------------------------------------------------------
    > > >>-------------
    > > >>
    > > >
    > > >
    > > >
    > > >
    > > --------------------------------------------------------------
    > > -------------
    > > > KaVaDo provides the first and only integrated Web
    > > application scanner and
    > > > firewall security suite that prevent Web applications
    > > attacks, the most
    > > > common form of online exploitation. Download a FREE
    > > whitepaper on Security Policy Automation for Web Applications.
    > > > http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    > > >
    > > --------------------------------------------------------------
    > > -------------
    > > >
    > >
    > > --
    > > "Don't lose sight of security. Security is a state of being,
    > > not a state of budget. He with the most firewalls still does
    > > not win. Put down that honeypot and keep up to date on your
    > > patches. Demand better security from vendors and hold them
    > > responsible. Use what you have, and make sure you know how
    > > to use it properly and effectively."
    > > ~Rain Forest Puppy
    > > http://www.wiretrip.net/rfp/txt/evolution.txt
    > >
    >

    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    ---------------------------------------------------------------------------

  • Next message: Sergey V. Gordeychik: "RE: Disabling sharing and group policies"

    Relevant Pages

    • Re: DCOM patch + Exchange
      ... We don't run exchange, but doesn't it use port 445 or something like ... Security Policy Automation for Web Applications. ... firewall security suite that prevent Web applications attacks, ...
      (Focus-Microsoft)
    • RE: GPO for one machine
      ... One way to accomplish this is to create custom menu folders on a network ... Then, in the policy, you map each security group to a specific ... Security Policy Automation for Web Applications. ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • Re: Disable USB on a per user basis?
      ... firewall security suite that prevent Web applications attacks, ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)