Re: Limited account in WinXP
From: Tony Lawrence (foo_at_pcunix.com)
Date: 05/16/05
- Next message: newstome_at_comcast.net: "Re: Limited account in WinXP"
- Previous message: Scott Lowe: "IMAP4 RFC question"
- In reply to: speeder: "Limited account in WinXP"
- Next in thread: newstome_at_comcast.net: "Re: Limited account in WinXP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 16 May 2005 13:27:49 -0400
speeder wrote:
> I´ve been thinking about creating a limited account in WinXP as
> another layer of security. An administrator level account would exist
> only for installing new stuff. Is this a valid idea as a threat
> deterrent?
>
> My assumption is that in a limited account malicious code from
> webpages or possible injection of malicious code through unknown
> server vulnerabilities (I run a few) would not be able to install or
> provide further attack venues.
>
> If my assumption is all wrong can the limited account be helpful at
> all in providing further security?
Yeah, it's a great idea - but because of how Windows works, I bet you
can't stand running that way very long..
What's really dumb about it is that Windows does have the ability to ask
for a password and run apps as another user - they just don't implement it.
-- Tony Lawrence Unix/Linux/Mac OS X resources: http://aplawrence.com
- Next message: newstome_at_comcast.net: "Re: Limited account in WinXP"
- Previous message: Scott Lowe: "IMAP4 RFC question"
- In reply to: speeder: "Limited account in WinXP"
- Next in thread: newstome_at_comcast.net: "Re: Limited account in WinXP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
