Security Incidents mailing list archives
RE: IE Malware / Spyware Control Methods
From: "Bernie Cosell" <bernie () fantasyfarm com>
Date: Wed, 12 Jan 2005 07:41:55 -0500
On 11 Jan 2005 at 16:11, Jeff Bryner wrote:
Has anyone resorted to 'run as' or dropping rights within a process to control administrative access within IE:
I've been doing that since the day I first loaded XP/Pro. It really works very well. I didn't know about the registry flag trick mentioned here:
Run as with explorer (or ie) http://blogs.msdn.com/aaron_margosis/archive/2004/07/07/175488.aspx
for running explorer, but I just use IE [and I can't remember how, but I discovered the "put Control Panel in the address bar" trick]. I can go weeks at a time without having to log in on my Admin account _at_all_. Another trick is that when you need to install something, you can just "RunAs"/Admin the setup.exe file out of your limited account. The only tricky part is chasing down the little niggles of improperly coded programs: the most common one is programs that require write access to their install directory but you run into all sorts of infelicities [e.g., needing access to odd registry keys]. If you can figure out what the program needs, it is usually easy to tweak the security settings [via an IE browsing the filesystem, of course..:o)] Meta question: does anyone know if [and if so, how] to use the security auditing machinery to figure out what a program needs? The usual situation is that you install a program [runas/admin] and then you try to run it from your limited account and it just won't run... I have this feeling that I should be able to turn on some sort of event logging or some such in XP and then just go to a log to see what the program tried to do that it was denied access to, but I haven't been able to figure out how to do it... /Bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:bernie () fantasyfarm com Pearisburg, VA --> Too many people, too few sheep <--
Current thread:
- Re: IE Malware / Spyware Control Methods, (continued)
- Re: IE Malware / Spyware Control Methods Valdis . Kletnieks (Jan 10)
- Re: IE Malware / Spyware Control Methods Chris Krough (Jan 07)
- Re: IE Malware / Spyware Control Methods Harlan Carvey (Jan 07)
- Re: IE Malware / Spyware Control Methods Valdis . Kletnieks (Jan 10)
- Re: IE Malware / Spyware Control Methods Paul Laudanski (Jan 10)
- RE: IE Malware / Spyware Control Methods Paris E. Stone (Jan 07)
- RE: IE Malware / Spyware Control Methods Jose Nazario (Jan 07)
- Re: IE Malware / Spyware Control Methods Saad Kadhi (Jan 10)
- RE: IE Malware / Spyware Control Methods M. Shirk (Jan 10)
- RE: IE Malware / Spyware Control Methods Jeff Bryner (Jan 11)
- RE: IE Malware / Spyware Control Methods Bernie Cosell (Jan 12)
- RE: IE Malware / Spyware Control Methods Orlando Richards (Jan 12)
- RE: IE Malware / Spyware Control Methods Jose Nazario (Jan 07)
- RE: IE Malware / Spyware Control Methods David Gillett (Jan 10)
- Re: IE Malware / Spyware Control Methods gadgeteer (Jan 10)