Educause Security Discussion mailing list archives
Re: web browser security zones
From: Gary Dobbins <dobbins () ND EDU>
Date: Wed, 11 Jan 2006 13:12:28 -0500
We're also exploring if this would be effective and usable for a large population - making IE consider our own domain trusted, and decreasing IE's trust for the rest of the Internet to below the default setting. So we too are interested in how campuses have received such settings, and/or adjusted the approach. Of course, this tactic doesn't mitigate the risk if our own sites get defaced. But the rest of the time it would hopefully decrease the stuff that gets picked up through "casual browsing" during lunch hours. Kevin Shalla wrote:
This prompts me to ask about web browser security zones. Does anyone make substantial changes to the default IE security zone security? How effective is this? We make a few changes (adding certain sites to the trusted sites and granting certain extra access in that zone), but not much. Do other browsers have such detailed settings by security zone? It appears that Firefox has very little granularity (just load images and popups) in the security setup.
-- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies
Current thread:
- web browser security zones Kevin Shalla (Jan 11)
- <Possible follow-ups>
- Re: web browser security zones Valdis Kletnieks (Jan 11)
- Re: web browser security zones Gary Flynn (Jan 11)
- Re: web browser security zones Gary Dobbins (Jan 11)
- Re: web browser security zones Gary Flynn (Jan 11)