Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Executing app with admin privileges

From: "Hylton Conacher(ZR1HPC)" <hylton () conacher co za>
Date: Thu, 27 Jul 2006 13:56:24 +0200
Hi David,

Dixon, Wayne wrote:

Additionally, you can set the properties of the program to always
"RunAs", then all the user would have to do is enter in the proper
password....
Sure giving users the admin password is not a good idea but if they become a local administrator ie local to their box, what damage can they do to the domain as they only have full control over their box. I thinking along the lines that a there are different types of admins in the AD structure so perhaps giving a user admin priveleges on a read only link is fine as they will not have sufficient admin privileges to edit anything outside of their box? Of course auditing would need to be stepped up to monitor for 'admins' nefarious activities with a strict warning of 'you will be fired if you admin outside of your box, even unknowingly'. 
--
========================================================================
Currently using SuSE 9.2 Professional with KDE and Mozilla 1.7.2
Linux user # 229959 at http://counter.li.org
========================================================================


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: