Security Basics mailing list archives
Re: Run As/Domain Login Windows XP Home
From: Oliver Maurhart <oliver.maurhart () arcs ac at>
Date: Wed, 05 Jul 2006 08:42:21 +0200
I'm just curious: why do you think, that a browser-process running as a certain user does have anything to do with an Exchange-Webmail-Domain-User? I access my company's exchange webmail service also via a browser ... from my Firefox/Linux ... Operating System user specify which Operating System resources on the local machine can be accessed and which may be denied. Among those resources are certainly files but also hardware devices like ethernet card, printers, USB stuff etc. I can't see, how an operating system on the local machine does in any way relate to some sophisticated user concept encapsulated in arbirtrary HTTP protocol messages. Sure, you're current login user could be the same as the user at the exchange server, but since you are using a browser doing Webmail you are going over simple HTTP, which - initialy - is a stateless protocol: it doesn't have any clue about something called "session" or even "user". Those items are built in by more sophisticated protocols based on top of HTTP (HTTP + SSL = HTTPS), but if then - derived from an absolute "I don't know a user" basis - you simply can't grasp a user out of nothing, because the underlaying standard stuff won't let you. Well, at least if you're going in a formal standard way, without installing some fancy "Add-Ons" to your special, favorite Web-Browser to ask the current underlaying operating system, what the heck the current process user is. But again: this - as for XP - is usually some closed code in binary format and it is going for very sensitive operating system details. So you - for yourself - don't actually know, what this "Add-On" is *really* going to do ... Is this really what you want? Oliver Kenton Smith wrote:
Why would you want to do this? There are programs that will let you run other programs as a particular user, however since XP home doesn't allow for domain integration I would suspect that you can't do this either. Does the webmail interface not ask you to login? If not, it should, and if so does that not accomplish exactly what you are trying to do? Kenton --- Sam Munro <sam.munro () gmail com> wrote:HI All, I have a scenario for you. None cooperate laptop on a company network not registered on the domain. Problem number one OS is XP home. I want to access company email via web-access from this laptop. Internet access is already possible via the company proxy. I want to run the browser as a user on the domain and then access my mail with the exchange server URL. Is this possible and if so how. Step-by-step instructions would be advantagous. Cheers, Sam---------------------------------------------------------------------------This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus---------------------------------------------------------------------------__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
-- DI Oliver Maurhart ARC Seibersdorf research GmbH Quantum Information Security Quantum Technology Tech Gate Vienna Donau-City Strasse 1/3rd floor 1220 Vienna, Austria Phone: +43 (0) 50550 - 4182 Fax: +43 (0) 50550 - 4190 eMail: oliver.maurhart () arcs ac at Web: http://www.smart-systems.at RSA2048 Fingerprint: 918C DEBC B216 C8BA 5FC8 6075 B94E 22BD 4CE2 18DD
Attachment:
oliver.maurhart.vcf
Description:
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Run As/Domain Login Windows XP Home Sam Munro (Jul 04)
- Re: Run As/Domain Login Windows XP Home Kenton Smith (Jul 04)
- Re: Run As/Domain Login Windows XP Home Oliver Maurhart (Jul 05)
- RE: Run As/Domain Login Windows XP Home Murad Talukdar (Jul 05)
- RE: Run As/Domain Login Windows XP Home Andrew Aris (Jul 05)
- Re: Run As/Domain Login Windows XP Home Sam Munro (Jul 06)
- <Possible follow-ups>
- RE: Run As/Domain Login Windows XP Home Eric Pinkerton (Jul 05)
- Re: Run As/Domain Login Windows XP Home Kenton Smith (Jul 04)