Re: How good is Comodo Internet Security?

VanguardLH <V@xxxxxxxxx> wrote:
A process can be made to run under a LUA (limited user account) token.
That is, the process will have the same privileges as that token. Since
the token has the limitation of a standard user account, that process
is also limited. But that only applies when you run that process under
the limited environment. When using DropMyRights, SysInternals'
psexec, or other such utilities that run the child process under
limited privileges, only the process they start is limited. So if you
use them to start the web browser, that instance of the web browser is
limited and you get more protection.

Since Microsoft has documented that the *desktop* not the process is the
security boundary with Windows, that's most definitely *not* what you
want to do. Instead you want to create an LUA, do your everyday work
with that account, and only switch to an admin account to do
administrative work.

"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich