Bugtraq mailing list archives
Re: XML in IE 5.0
From: jjohanss () BU EDU (Jesper M. Johansson)
Date: Wed, 19 Jan 2000 10:00:17 -0500
For Windows users, The MS guys gave an interesting talk at the NTBugtraq Canada Day Party at Russ' house last year. NT2000 will include a feature that is similar to su on unix, which will allow one to have different windows open as different users on the same box... I believe it's an extension of the terminal server concept. Anyway, once folks get NT2000, they should really consider running their browsers as locked-down, non-priveledged users.Except that user preferences are no longer stored as being owned by *that* user (roaming profile problems anyone ?), per-user disk cache usage isn't associated with the correct user, etc. Can you really imagine 90% of Internet users being savvy enough to run a browser in an "su" window ? The other option here for M$ is to reinvent the setuid bit :->
What you are talking about is the Run As... feature. It works, reasonably well, to let you run the machine as a different user. There was an SU command in the Resource Kit for NT 4, but it did not allow you to run control panels as an administrator. The Run As... does (right click on them, select Run As...). Thus, you can use it to set permissions (from the command line of course), change the page file size, change the IP address (no reboot required!), manage users and shares, and other administrative tasks However, it is still severely lacking, compared to a *NIX su: 1. You cannot run an Explorer window as a different user. Nor can you get a new desktop in a different user context. I also would not recommend running your browser in that context. I have seen IE being run as an administrator spawn processes in user context. I would expect that the opposite could also happen. Run As... is designed for administrative tasks while logged on as a user. It is not designed to give you a functional OS as an administrator. 2. You cannot use it for most of the existing InstallShield installers. In many cases they fail to recognize the context properly and crash. In other cases, they appear to work properly, but some of the processes they spawn are spawned in a regular user context. In any case, it usually is abysmally slow, on the order of taking 5-15 minutes to bring up the installers window after it is launched The Run As... is a nice feature, and a good bit better than the NT4 RK SU, but it is nowhere near a *NIX su yet, unfortunately. Jesper M. Johansson
Current thread:
- Re: XML in IE 5.0 Mike Brown (Jan 13)
- Re: XML in IE 5.0 Mikael Olsson (Jan 13)
- Re: XML in IE 5.0 Mike Brown (Jan 13)
- <Possible follow-ups>
- Re: XML in IE 5.0 Ryan Russell (Jan 14)
- Re: XML in IE 5.0 Brian Behlendorf (Jan 17)
- Re: XML in IE 5.0 David LeBlanc (Jan 18)
- Re: XML in IE 5.0 Jesper M. Johansson (Jan 19)
- Re: XML in IE 5.0 Brian Behlendorf (Jan 17)
- Re: XML in IE 5.0 Darren Reed (Jan 17)
- Re: XML in IE 5.0 Jesper M. Johansson (Jan 19)
- SubSeven 2.1a (trojan) Andrew Griffiths (Jan 19)
- Re: XML in IE 5.0 David LeBlanc (Jan 20)
- Some discussion in http-wg ... FW: webmail vulnerabilities: a new pragma token? Eric D. Williams (Jan 19)
- Re: XML in IE 5.0 Mikael Olsson (Jan 13)
- SyGate 3.11 Port 7323 / Remote Admin hole jalerta () nestworks com (Jan 28)
- [LoWNOISE] Rightfax web client 5.2 ET LoWNOISE (Jan 29)