|
Re: What's your modus operandi?
de Mel 05/24/2006 10:40
"Susan Bugher" <sebugher@yahoo.com> wrote in message news:4djrb9F1ar0s8U1@individual.net...
> Ivan Tisljar wrote:
> >
> > Most important thing is, as I see it, regular updating and NOT WORKING
> > as Administrators (or root) on computers. There is no need for that.
> > You can install about 95% of everything as Power user, and no messing
> > up system files.
>
> Thanks Ivan. Which OS does that advice apply to?
There's an item about power users in Mark's Sysinternals blog here
http://www.sysinternals.com/Blog/
"Placing Windows user accounts in the Power Users security group is a
common approach IT organizations take to get users into a least-privilege
environment while avoiding the many pains of truly running as a limited user.
The Power Users group is able to install software, manage power and
time-zone settings, and install ActiveX controls, actions that limited
Users are denied.
What many administrators fail to realize, however, is that this power comes
at the price of true limited-user security. Many articles, including this
Microsoft Knowledge Base article and this blog post by Microsoft security
specialist Jesper Johansen, point out that a user that belongs to the Power
Users group can easily elevate themselves to fully-privileged administrators,
but I was unable to find a detailed description of the elevation mechanisms
they refer to. I therefore decided to investigate.
..."