Re: firewall on budget ?
- From: Ansgar -59cobalt- Wiechers <usenet-2007@xxxxxxxxxxxxxxxx>
- Date: Fri, 27 Jul 2007 02:58:02 +0200 (CEST)
On 2007-07-27 jameshanley39@xxxxxxxxxxx wrote:
On Jul 25, 11:34 pm, Ansgar -59cobalt- Wiechers wrote:
jameshanle...@xxxxxxxxxxx <jameshanle...@xxxxxxxxxxx> wrote:
But it's quite a nuisance. For reasons mentioned . Maybe ok for an
end user that doesn't need administrative rights very often. Or for
a techie using the family machine (not commonly experimenting on it
putting servers on or amending the firewall settings, installing
other programs)
Once a box is set up properly, people do not need administrative
rights very often. BTDT.
end users in a company don't, at home - some want it at their own
risk, and call a cheap geek if it goes wrong.
But techie users may well need it.
What do you think I am?
What do you do? Suppose you browse frequently, and do admin operations
sometimes during te day, and install programs often. Are you logging
off and on often for the admin operations?
On my local computer when I need to do admin tasks I usually start the
respective Programs via runas (the context menu, actually). And as I
already wrote below, in a case where I have to run multiple programs
with admin privileges, I start a file manager (or command prompt) with
admin privileges, and start the other programs from there.
Are you spending extra time to load up your browser, Right clicking an
icon and typing a password? Just to start your browser.
Then if you close it, you have to do it again!!!
Nope. I'm logged in as a limited user and start the browser from there.
[...]
You can't write a little file like c:\a.txt, ok, that can be
sorted.. you can create a folder on c:\, so can do c:\a\a.txt or
c:\crp\a.txt
Ummm... normal users are not supposed to create files in C:\. Users
have full write access in their %USERPROFILE%, which is the place
where they are supposed to create their files (preferrably either in
the "My Documents" subfolder or %TEMP%).
*end users* But a techie user may well want to put a txt file on c:\ ,
for the benefit of it being a short easy path. Easy to get to from the
command line.
Maybe I wasn't clear enough: NO ONE needs to create files in C:\.
Period. Even administrators don't need to create files in C:\ (although
they have the rights to do it). It's utterly stupid to create files in
C:\.
What do you do?
For your computer.
That's simple: I don't.
Besides, I don't see any reason at all why non-administrative users
should be allowed to create anything (be it files or folders) in C:\
in the first place. Which is why I restrict limited users to
read-only access to C:\ on all systems I set up.
what about you, a techie user ?
Like I said before: I don't create files in C:\.
I can do notepad c:\a.txt
On my systems only admins can do that. Of course I expect them to be
smart enough not to do it.
and even a LUA account allows c:\a\a.txt
Not on my systems.
Do you type
notepad c:\document...bloody long path..\
I use either tab-completion or environment variables. Because I'm smart.
In addition to that all of my systems are configured so that I can start
an Explorer instance at %CD% from a command prompt as well as a command
prompt from each directory in the Explorer.
or a load of percentages to type an environment variable?!! Don't you
ever want to type things with a brush of the hand
I want to do things the smart way.
<slightly unnecessary and eccentric elaboration>
notepad, easy.
cd \ , easy. Even easier on a uk keyboard, to do cd\
%userprofile%\desktop . Even the %s are an issue. that's not nice to
type often. You have to look where the number is.. People tend to
touchtype with the keypad.. Typing shift+ one of those top numbers
isn't so smooth.
cobalt@CARBON C:\> doskey cdd=cd "%USERPROFILE%\Desktop"
cobalt@CARBON C:\> cdd
cobalt@CARBON C:\Documents and Settings\cobalt\Desktop> _
doskey is such a nice tool ...
All you want to do is create a file on the comp. Your comp !!
So?
At the moment i'm in a room and some idiot turned the lights out. I
can still type but % are even more of a nuisance than usual 'cos I
can't see the numbers. I'd have to get out of my chair to turn the
lights on. Anyhow, besides that, one should be able to touchtype
something so simple. Those top numbers aren' so accessible without
looking beforehand.. To create a file on the computer I shouldn't have
to squint or even look, at the keyboard.
Then use your mouse. Right-click on the desktop > New > Textfile.
Could it be you're just trying to be difficult?
Installing a program, getting an error, then doing the run as, can
be a nuisance. If I was installing many programs, trying loads out,
over a few days, and I wanted to browse the internet and do other
things. It'd be too much hassle doing so from a limited account.
It's a good reason why a techie's computer may most practically be
best off running as administrator all the time.
I've been doing exactly what you call "too much hassle" for years
now, without any problems. If you need to grow progress bars while
doing other work as a limited user, you just start your preferred
file manager via runas and run all setups from there. Problem solved.
So you're doing runas once, but then you need you file manager's
window open all the time.
Here's a big issue. Windows xp only has preinstalled, windows explorer
as a file manager. Doing runas on that has issues.
(probably linked to the fact that in the ctrl alt delete world, it's a
shell one can end and restart, and one the windows shell has started,
explorer.exe is a file manager! well, if you double click the icon)
A Workaround I briefly read of that I hadn't tried, is to do runas on
IE, and use the address bar to access local files (though I read
something about that not working with IE7) .
A workaround I use on the rare occassions that I use a LUA, is to do
runas on cmd.exe (typing a long runas command to bring up a command
prompt with administrative priviledges)
And apparently there's a fix that can be done on a per account basis,
to allow you to do runas on explorer.exe
http://blogs.msdn.com/aaron_margosis/archive/2004/07/07/175488.aspx
http://searchwincomputing.techtarget.com/tip/0,289483,sid68_gci1251819,00.html
If you use a 3rd party file manager and get around it that way, you
have to install that + do so for all your end users.
Yeah? Then admin dust must have magically made those issues go away for
me. Or maybe it was that "Run Explorer windows in separate process"
setting in the folder options? Who knows.
However, I also do use another (two-window) file manager alongside the
Windows Explorer, just because sometimes it's handy to have one. The one
I use can be unpacked to an arbitrary directory (e.g. on a share) and
then run from there without any further installation. Very convenient.
BTW, you do realize that you can run a command prompt with admin
privileges by right-clicking the executable (or shortcut to it) and then
selecting "run as..." from the context menu, don't you?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^My experience is that you can't burn a CD from a limited account. I
tried with a few different pieces of software. nero, cdburnerxp,
and prob another one. I guess maybe your reference would work for
that.
Install Nero Burn Rights and put the users that should be able to
burn CDs into the group "Nero" (works for other burning software too).
Or use a different program. Deep Burner for instance works just fine
as a limited user here.
Such a trivial thing, and nero needs special treatment.
All CD burning software needs special treatment, because they require
hardware access, which is normally prohibited by the operating system
for limited users.
Doesn't cover other cd burners though.
Read again.
At least that hassle is a one-off, ok. Though for the rare times I
burn a CD. I can deal with runas.
That's not necessary, as I described above.
Logging off and on is a hassle in time, and especially moreso if it
means closing your programs. Is a bit off-putting too. If you're
busy with all these windows up.
Then use runas. It's only the second best option, but an option
nonetheless.
That doesn't apply here.
Runas works for installing or running programs that need
administrative priviledges to install or run respectively.
But it doesn't let you make administrative amendments, e.g. to the
windows firewall. Or adding/deleting users, resetting a password.
Of course it does. Most items in the control panel can be started via
runas, and of course you can start things like the Computer Management
console just the same way.
If doing admin tasks many times a day, at any time, it'a a hassle to
close all your programs and go to administrative mode, do them. Then
to go back as LUA to browse the web. And what if you want to do an
admin task and browse the web to check something.
Well, of course you can take a hammer and apply a couple nails to your
foot. However, the resulting pain is not the fault of the hammer.
Furthermore, if one had a P2P app it means they'd end up far away in
the queue..
I'm running a BitTorrent client on this Win2k box as a limited user
without any problems. Your point being? It's not like somebody's
forcing you to use crappy P2P software.
Bit Torrent does not supercede P2P in any way. It has its issues
For a start, there's playing the game of searching for torrents. It
may take searching on a few websites to find what you want, and those
websites go down often and you have to be \in the loop' as to what the
current good torrent search sites are.
They are also different communities, diferent programs are availale.
Even from one P2P app to another. One may be good for music, another
for various genre of short video clips, another for (big) movies.. I
found an old program AA - autodesk animator - on kazaa. Kazaa made it
easy to share files. Yet, te first bit torrent client (The standard
one), i didnt' 'use it much but I recall it being messy to share the
files you downloaded, I think you had to keep windows open, one per
file.. Maybe a good client like uTorrent improves that. But all these
things have issues. P2P is good. For programs, vid clips, movies,
anything.
If you can tell me a way to find torrents that doesn't involve
googling myself into a new seat in hell, i'd like to know. One website
with all the torrents, a website that doesn't go down. I sitll doubt
it'll have the array of files that P2P apps do..
Well, if you want to keep using crappy applications: that's your choice.
But don't come complaining then.
cu
59cobalt
--
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html
.
- References:
- Re: firewall on budget ?
- From: jameshanley39@xxxxxxxxxxx
- Re: firewall on budget ?
- From: Ansgar -59cobalt- Wiechers
- Re: firewall on budget ?
- Prev by Date: Re: firewall on budget ?
- Next by Date: Re: How do I allow non-admin user add a route to route table?
- Previous by thread: Re: firewall on budget ?
- Next by thread: Re: firewall on budget ?
- Index(es):
Relevant Pages
|
