Security Basics mailing list archives
RE: admin privileges and trojans
From: "Lall, Navneet Singh" <nlall () ipolicynetworks com>
Date: Thu, 30 Nov 2006 10:13:05 +0530
Hi, If you are logged in as a non admin account then processes you execute will Have non admin user rights. This can prevent those programs if infected to do harm than they would be running with admin credentials. But most of time the viruses and Trojans don't need admin privileges. Viruses will infect the system processes which will have all the freedom to do anything irrespective of which user level you login with. Trojans just need to open a non reserved port which a user level process can do but non admin log can prevent it from serious harm. Usually Trojans are not intended to do any harm. Primarily they are used to steal information. Viruses and worms are intended to do harm and spread. Moreover being a non admin user is a little irritating as you will not be able to do some regular work like installing a new program. I suggest one should take the middle path. Provide users the admin access with strict security policies. This approach works well for all parties. Navneet Singh -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of W W Sent: Wednesday, November 29, 2006 11:00 AM To: security-basics () securityfocus com Subject: admin privileges and trojans I'm trying to put together some information for the higher ups to show them the threat level by allowing users to have admin privileges on their systems. Would it be safe to say that a lot of trojans/viruses could not be installed on a system where users did not have admin privileges? Are there any good studies or analysis out there? I've looked around a bit, and I have found some minor articles. I wanted to see what your thoughts were. Thanks. C
Current thread:
- RE: admin privileges and trojans Lall, Navneet Singh (Dec 01)
- <Possible follow-ups>
- Re: admin privileges and trojans Colin Copley (Dec 01)