Security Basics mailing list archives
Re: preventing run-as option
From: "Clinton E. Troutman" <clint.troutman () sbcglobal net>
Date: Wed, 11 Oct 2006 00:50:20 -0500
On Tuesday 10 October 2006 12:48, Lariviere, Stephen wrote:
> I tend to like system enforced policy vs. verbal (threats). The question was how is it disabled, not 'what do you think of our poor security practices'; however; obviously, that is the underlying issue but it still doesn't address the security posture that is allowing the access.
I understood what was asked. I also understand this list is "security basics" and that it is not necessarily the case the OP understands he/she is asking how to treat a symptom and not how to treat the disease.

OK, so the OP disables runas. That solves nothing. A user simply has to take the extra steps to log out of their credentials and log in using the forged credentials. They can still do what they wanted to do and have the added benefit, if they didn't already know it, that they now can access anything related to those forged credentials. Hmmm, has the situation been made better??

By treating the disease (the real security problem of traded credentials), the OP solves an entire range of security issues he/she may not have yet even realized are present...

--
Clinton E. Troutman