Windows Security Hole in Symantec Ghost
From: Charlie (anonymous_at_discussions.microsoft.com)
Date: 05/27/04
- Next message: Morganna: "Re: Internet Explorer"
- Previous message: Eduard Koller [MSFT]: "Re: Internet Explorer"
- Next in thread: S. Pidgorny
: "Re: Windows Security Hole in Symantec Ghost" - Reply: S. Pidgorny
: "Re: Windows Security Hole in Symantec Ghost" - Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 May 2004 19:01:05 -0700
I recently started using the Symantec Ghost Console
(version 8) to remotely install software packages and
create inventories.
The way this is done is to add remote machines to the
Console. All of the machines that I have added are
Windows XP Pro on an NT4 Domain.
An account with Admin rights on the remote machines is
needed for adding them to the Console, which is what one
would expect, so I use the Domain Admin account.
The problem is that I can later log on to the Ghost
Console server with an account that DOESN'T have Admin
rights on the remote machines and install software.
I don't believe that I have ever seen an application that
behaves this way. I don't understand how it can connect
to remote machines based on the credentials of the user
who added them rather than the one who is logged on.
I'm hoping someone can explain this and maybe look into
it because it appears to bypass the usual access controls.
Thanks
- Next message: Morganna: "Re: Internet Explorer"
- Previous message: Eduard Koller [MSFT]: "Re: Internet Explorer"
- Next in thread: S. Pidgorny
: "Re: Windows Security Hole in Symantec Ghost" - Reply: S. Pidgorny
: "Re: Windows Security Hole in Symantec Ghost" - Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
