Re: Load ActiveX Controls on Vista Without Administrator Priv ileges

["Fergie" <fergdawg () netzero net>]

The issues is, at least from my perspective, is that the ability
for an "...administrator can go into a console and define a list
of Web sites and applications that are preapproved..." does not
seem to (at first blush) be tightly integrated to the ability to
bypass this control entirely.

Of course, I could be wrong. :-)

- ferg



-- "Jerry Hill" <malaclypse2 () gmail com> wrote:

On 7/3/06, Fergie <fergdawg () netzero net> wrote:
> I agree with Bruce Schneier on this one -- this seems like a
> really bad idea.

I'm not sure I see why.  Here's the original article that everyone
seems to be pointing back to:
http://www.eweek.com/article2/0,1759,1979231,00.asp

That article says "a system administrator can go into a console and
define a list of Web sites and applications that are preapproved."  If
the ActiveX control isn't on the whitelist, Vista falls back to asking
for an administrator login to install a new ActiveX control.

So, what's the problem?  Is it just a distaste for ActiveX controls in
general?

-- 
Jerry


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.