Home page logo
/

basics logo Security Basics mailing list archives

RE: Executing app with admin privileges
From: "Gaydosh, Adam" <GaydoshA () ctc com>
Date: Fri, 21 Jul 2006 12:53:13 -0400

Take a look at this blog, he discusses a number of options, pros & cons
of each:
Fixing "LUA bugs", Part I
http://blogs.msdn.com/aaron_margosis/archive/2006/02/16/533077.aspx

Fixing "LUA Bugs", Part II
http://blogs.msdn.com/aaron_margosis/archive/2006/03/27/562091.aspx 

-----Original Message-----
From: Dummy cerberus [mailto:dummycerberus () gmail com] 
Sent: Thursday, July 20, 2006 4:56 AM
To: security-basics () securityfocus com
Subject: Executing app with admin privileges

Hello everyone,

I have come across with the following problem:

I work at the systems department, and we MUST host every 
stupid application that is developed all over the 
organisation... most of the times with no common criteria at 
all, neither with common sense.

Now, we have to install a client/server application, and it 
has been developed in such a way, that the user who executes 
the client side, has to have "local admin/advanced user" 
privileges on the desktop where he is executing it...

There's no way to modify that application, so I wonder whether 
or not there is a tool that could allow me to configure the 
system in such a way that all the users could execute that 
application, without giving them "local admin/advanced user" 
privileges for the whole system (only for that stupid application).

I wonder if there's a way to acomplish that wether with AD 
policies or third party tools (better if free ;-)

Thanks in advance, and best regards

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]