Security Basics mailing list archives
Re: Windows,Linux, admin account's, su,runas, and user switching
From: "Tim Syratt" <tim () syratt com>
Date: Sat, 18 Oct 2003 22:05:07 +1000
Hello, Would 'runas' suit your needs? open a command wnidow, and type runas for syntax. Regs, Tim ----- Original Message ----- From: <Tomatohead () myrealbox com> To: <security-basics () securityfocus com> Sent: Saturday, October 18, 2003 1:39 AM Subject: Windows,Linux, admin account's, su,runas, and user switching
I just recently started running as a non-admin on my windows 2000 pro home machine. The main reason I had put this off for so long is because it is a PAIN on windows to run as anything but admin ! Though runas alleviates a lot of problems, it is a pain in the butt to enter your pass everytime you need to run a system program. Of course, I know this is the whole point ! Linux has su which "caches" your credentials for a while ... a very nice feature. Windows XP has user switching, but I had heard user switching somehow weakens the system security ? Is this true at all ? I have come up with my own solution to this ... which i hope is a nice compromise between security and convenience. I LOVE this program Total Commander. Now I have it set up as a sort of "mini Admin shell". I launch all the programs i need to run as admin from it, like control panel, services and other admin tools, nero, etc ... I have Total Comm. itself setup with "runas different user" . The main risk of running as admin is that you may inadvertently run some mailicious code under admin privaleges. So I should be safe having this "mini admin shell" running in the background ... since only programs i launch from it will have root privaleges ? Any thought's on this welcome. p.s. If anyone wants to comment on the effectiveness of the windows GINA (screen lockout mechanism) I'd like to hear opinions on that too. cheers, e --------------------------------------------------------------------------
-
FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 --------------------------------------------------------------------------
--
--------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ----------------------------------------------------------------------------
Current thread:
- Windows,Linux, admin account's, su,runas, and user switching Tomatohead (Oct 17)
- Re: Windows,Linux, admin account's, su,runas, and user switching Tim Syratt (Oct 20)