Re: Re: Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution

[Phil Brutsche <phil () tux obix com>]

Bill Royds wrote:
> Last time I was at my doctor's medical clinic, I noticed all the shiny new
> LCD monitors showing the Windows logon prompt with account Administrator. I
> asked the receptionist why. She said so that anyone could sing on any
> machine when they needed it, since individual machines lock out so only
> signed user or administrator can sign on. They did have the screensaver
> timeout so people off the street couldn't sign on. But the only way to make
> the multiple workstations usable from for anybody was to use administrator
> account on all of them.
>   This is a bit of a design flaw in the Windows network that means security
> is much less than it ought to be.

You're giving too much credit for Windows security problems to Windows 
itself and not enough to the "administrators" of the machines or the 
programs the machines need to run.

Even in this day and age there are numerous *niche market* (and even 
many non "niche market") programs that simply will *not* work right 
without write access to someplace under C:\Program Files or some other 
location outside of the user's login profile.  It's like Mozilla on 
Linux trying to save your preferences to someplace under /usr/bin.  Most 
 end-user oriented programs fall into this category.

The "administrators" setting up these environments a) aren't paranoid 
enough b) don't know enough or c) really don't care as long as it works. 
 "It works when I have them use Administrator and that's good enough 
for me!"

--

Phil Brutsche
phil () tux obix com
who has spent many hours cursing Office 97 and Winamp trying to make 
them work properly for restricted users under Win2k/XP

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html