Security Basics mailing list archives
RE: Rights
From: "Jamie Wareham" <jwareham () smttest com>
Date: Thu, 29 Jun 2006 15:06:23 -0400
I've only encountered an issue with antivirus programs local admin rights to add sig. updates. In order to automate certain SA processes, it appears that local permission level has to stand. Its unfortunate. If you have any suggestions...feel free to add them. Jw~ -----Original Message----- From: Philippe De Ryck [mailto:philippe.de.ryck () skynet be] Sent: Thursday, June 29, 2006 5:22 AM To: security-basics () securityfocus com Subject: Re: Rights On Wed, 2006-06-28 at 12:01 -0500, I Freecycle wrote:
Hello, I'm wondering how others deal with allowing users rights on work
computers.
At our school, users aren't normally given Administrator or Power User rights unless it's absolutely necessary. Occasionally we encounter employees and students that don't understand how easily a system can be messed up and the security issues involved nor why we feel it's necessary to operate like this. I would like to know what others do, and what policies they have in place to address these issues. Thanks,
Hi, I don't allow admin rights at all. The only admin accounts belong to the admins :). This solution works quite good. I've made all the software work as it should (no other software needed) by changing some permissions on some files (not the best solution, but it works). That's all they need actually. I sometimes see traces of people trying to install software, and I'm glad they can't. They also seem able to catch a lot of virusses (harmless ones, but still) during school hours (don't ask me how :)). One more reason to prevent admin rights. In what cases do you really need admin rights? (Maybe I can help (doubtfull) but mostly out of interest). Regards Philippe De Ryck ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Rights I Freecycle (Jun 28)
- Re: Rights Saqib Ali (Jun 29)
- Re: Rights Dereck Martin (Jun 29)
- Re: Rights Philippe De Ryck (Jun 29)
- RE: Rights Jamie Wareham (Jun 29)
- RES: Rights Ricardo Perin (Jun 29)
- RE: Rights Lane, Jim (Jun 30)
- <Possible follow-ups>
- RE: Rights Jeffery Adam (Jun 29)
- RE: Rights David Smith (Jun 29)
- Re: Rights Dereck Martin (Jun 30)
- RE: Rights Jeffery Adam (Jun 30)