Re: Win xp sp2 firewall

Volker Birk wrote:
Hexalon <Hexalon@xxxxxxxxx> wrote:

Microsoft would have a lot less security problems if people would stop
running as admins. I really doubt if that is going to happen anytime
soon. People tend to be resistant to change unless change is forced on
them.


Beside that all "Leythos" said is nonsense (as usual from him), the best
way Microsoft could stop people to work as Administrator would be not to
have this as a default.

Well, it's not and there is no sense crying over it. The XP FW does have some issues in it that it will allow FW rules to be set for an application that the end-user has no clue about upon installation of the application. I have seen this with some .NET Windows applications that were using .NET remoting that I have developed and installed on XP with the FW active.

There is no way that the XP O/S or the XP FW knew the intent of that application good or bad as a client or server. And yet rules were set for the applications to punch through the FW. You name another PFW that allows this kind of rule setting, which is ridiculous.

Well, they're doing something like this now with Vista: the user is
administrator, but administrator's don't have every right any more :-/
(try to open a SYSTEM shell on Vista)


I guess they listened to someone after many years of not listening.
.

Relevant Pages

  • Re: Creating directories on Vista machines using .NET
    ... application that installs to the Program Files directory. ... For example, what do you mean by "using administrator rights, having ... This is the case with most modern games. ... It will *not* write to that installation path under ...
    (microsoft.public.dotnet.framework)
  • Re: Creating directories on Vista machines using .NET
    ... There are a number of relatively standard methods for maintaining application settings, none of which involve an Access database, nor storing the settings under the Program Files directory hierarchy. ... For example, what do you mean by "using administrator rights, having logged on as a normal user"? ... This includes changing the permissions of the root directory to prevent non-administrator accounts from having write access, as well as changing from the default installation directory to one under the Program Files tree. ... I’m hence considering this as a viable way to release my applications in future, since all of them will probably involve significant interactions with local Access databases. ...
    (microsoft.public.dotnet.framework)
  • Re: Problems installing SQL Server 2005 in two node cluster
    ... I'm assuming that SQL Server 2005 doesn't need to be an administrator ... that make sure you are not using domain admin-level accounts for the service ... Server2005Setup Log Files" and "StartingSQLServerManually." ... This is the fifth attempt at installation, ...
    (microsoft.public.sqlserver.clustering)
  • Re: What will happen after this senario?
    ... > "ABC" user who member windows administrator group. ... Which flies in the face of convention, intuitive installation and the ... will know this ABC user is the Oracle software ...
    (comp.databases.oracle.server)
  • Re: Cant Install Printer Software -- Wont Recognize System Admin
    ... Are you running printer installation software from HP? ... shouldn't be checking to see if you are the built-in administrator account, ... Have you tried the "Add Hardware" wizard in the Control Panel to install ... > you can't install software in Safe mode (at least I ...
    (microsoft.public.windowsxp.security_admin)