funsec mailing list archives
Re: Load ActiveX Controls on Vista Without Administrator Priv ileges
From: "Jerry Hill" <malaclypse2 () gmail com>
Date: Mon, 3 Jul 2006 14:06:57 -0400
On 7/3/06, Fergie <fergdawg () netzero net> wrote:
The issues is, at least from my perspective, is that the ability for an "...administrator can go into a console and define a list of Web sites and applications that are preapproved..." does not seem to (at first blush) be tightly integrated to the ability to bypass this control entirely.
I must be dense, because I still don't understand what you're saying. If the administrator has issued you a non-admin account, I don't think you can bypass the whitelist. If you want to install something not on the whitelist, you'll need an account with admin privledges to do so[1]. Or are you saying that you'd like the domain administrator to be able to disable the whitelist entirely? I assume that wouldn't be a problem, but I suppose I could be wrong. [1] - Assuming no bugs in the implementation on Microsoft's part, of course. -- Jerry _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Load ActiveX Controls on Vista Without Administrator Priv ileges Fergie (Jul 03)
- Re: Load ActiveX Controls on Vista Without Administrator Priv ileges Jerry Hill (Jul 03)
- Re: Load ActiveX Controls on Vista Without Administrator Priv ileges Dude VanWinkle (Jul 03)