Home page logo
/

basics logo Security Basics mailing list archives

RE: Executing app with admin privileges
From: "Nick Duda" <nduda () VistaPrint com>
Date: Mon, 24 Jul 2006 14:19:21 -0400


What about using sudowin?

- Nick

-----Original Message-----
From: Andrew Aris [mailto:andrew () dev bigfishinternet co uk]
Sent: Monday, July 24, 2006 8:38 AM
To: 'Dummy cerberus'; security-basics () securityfocus com
Subject: RE: Executing app with admin privileges

That would certainly work but in the process it opens up a wide range of
security isses - the elevated privilages are available from throughout
the app which means that a file dialog could be used to launch other
apps with those privilages, access restricted files etc.

It's the easy way round it but not really the best.

Regards,

Andrew

-----Original Message-----
From: David Smith [mailto:nich95ds () gmail com]
Sent: 21 July 2006 19:47
To: 'Dummy cerberus'; security-basics () securityfocus com
Subject: RE: Executing app with admin privileges

Could the users use the Run As command and run the app as an
administrator?
(Right-click the executable and click Run As.)

-----Original Message-----
From: Dummy cerberus [mailto:dummycerberus () gmail com]
Sent: Thursday, July 20, 2006 3:56 AM
To: security-basics () securityfocus com
Subject: Executing app with admin privileges

Hello everyone,

I have come across with the following problem:

I work at the systems department, and we MUST host every stupid
application that is developed all over the organisation... most of the
times with no common criteria at all, neither with common sense.

Now, we have to install a client/server application, and it has been
developed in such a way, that the user who executes the client side, has
to have "local admin/advanced user" privileges on the desktop where he
is executing it...

There's no way to modify that application, so I wonder whether or not
there is a tool that could allow me to configure the system in such a
way that all the users could execute that application, without giving
them "local admin/advanced user" privileges for the whole system (only
for that stupid application).

I wonder if there's a way to acomplish that wether with AD policies or
third party tools (better if free ;-)

Thanks in advance, and best regards

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has
designated Norwich University a center of Academic Excellence in
Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.3/394 - Release Date:
7/20/2006


--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.3/394 - Release Date:
7/20/2006



------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence
in Information Security. Our program offers unparalleled Infosec
management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---




------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence
in Information Security. Our program offers unparalleled Infosec
management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


---------------------
Confidentiality note
The information in this email and any attachment may contain confidential and proprietary information of
VistaPrint and/or its affiliates and may be privileged or otherwise protected from disclosure. If you are
not the intended recipient, you are hereby notified that any review, reliance or distribution by others
or forwarding without express permission is strictly prohibited and may cause liability. In case you have
received this message due to an error in transmission, please notify the sender immediately and to delete
this email and any attachment from your system.
---------------------

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]