Educause Security Discussion mailing list archives

Re: Keyloggers in computer labs

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 6 Feb 2006 23:15:39 -0500

On Mon, 06 Feb 2006 22:40:08 EST, James Cooley said:

With these pieces of software, you can see exactly what files and
registry keys your problematic software are trying to access and
modify.   With this information, you can relax security on just those
discrete bits of the registry or filesystem that the programs will
need to run as a non administrator user.   With all of the necessary
permissions in place, your software will run happily as a user with
restricted access.


And do the world a favor, and keep careful notes of all the files and
keys that need fixing, and *open bug reports with the vendor*.  It isn't
like "don't run stuff as Administrator" is a new concept - it's been part
of the Unix world since day one, and Windows has had it since NT4.

If the vendor acts resistant to fixing it, explain to them that they
probably don't want to be the recipient of a "trivial bug allows code
execution as Administrator" posting on Bugtraq.....

Attachment: _bin
Description:

Current thread:

Keyloggers in computer labs Kay Sommers (Feb 06)
- <Possible follow-ups>
- Re: Keyloggers in computer labs James Cooley (Feb 06)
- Re: Keyloggers in computer labs Valdis Kletnieks (Feb 06)
- Re: Keyloggers in computer labs Lucas, Bryan (Feb 06)
- Re: Keyloggers in computer labs stanislav shalunov (Feb 06)
- Re: Keyloggers in computer labs Valdis Kletnieks (Feb 07)
- Re: Keyloggers in computer labs Gary Flynn (Feb 07)
- Re: Keyloggers in computer labs Graham Toal (Feb 07)
- Re: Keyloggers in computer labs clementz.7 (Feb 07)
- Re: Keyloggers in computer labs Gary Flynn (Feb 07)
- Re: Keyloggers in computer labs Drake, Craig (Feb 07)
- Re: Keyloggers in computer labs Syrigos, Panagis (Feb 07)
- Re: Keyloggers in computer labs Les LaCroix (Feb 07)

(Thread continues...)