This is how windows security should work...
-
Some of you may remember a few weeks ago that my son completely screwed up his gaming machine, because his dad (me) was a lazy arse that couldn't be bothered to get his games to run properly in non-admin mode. Well, I've reinstalled the whole machine, and like a good IT person, I've now restricted his access and locked the thing down correctly. Anyway, in order to do this I had to use a 3rd party piece of software to allow privelege elevation for specific applications from within his limited user account. There are a million reasons why logging on as another user or trying to use the "Run As" comand are both completely inadequate and poorly implemented solutions. So, if Weven can support the kind of functionality that SuRun[^] provides, I will be buying copies for everyone I know and telling everyone that it is the greatest OS ever created. This is without a doubt one of the most useful utilities I have ever come across, but the shameful thing is that it should have been built into Windows years ago. I won't bore you all with the details, instead here's a link to the original software page: SuRun[^] And just for completeness, here's a link to my sycophantic blog entry on this software: sudo for Windows[^]
The StartPage Randomizer - The Windows Cheerleader - Twitter
-
Some of you may remember a few weeks ago that my son completely screwed up his gaming machine, because his dad (me) was a lazy arse that couldn't be bothered to get his games to run properly in non-admin mode. Well, I've reinstalled the whole machine, and like a good IT person, I've now restricted his access and locked the thing down correctly. Anyway, in order to do this I had to use a 3rd party piece of software to allow privelege elevation for specific applications from within his limited user account. There are a million reasons why logging on as another user or trying to use the "Run As" comand are both completely inadequate and poorly implemented solutions. So, if Weven can support the kind of functionality that SuRun[^] provides, I will be buying copies for everyone I know and telling everyone that it is the greatest OS ever created. This is without a doubt one of the most useful utilities I have ever come across, but the shameful thing is that it should have been built into Windows years ago. I won't bore you all with the details, instead here's a link to the original software page: SuRun[^] And just for completeness, here's a link to my sycophantic blog entry on this software: sudo for Windows[^]
The StartPage Randomizer - The Windows Cheerleader - Twitter
sudo make me a sandwich
-
sudo make me a sandwich
You beat me to it.
Need custom software developed? I do C# development and consulting all over the United States. A man said to the universe: "Sir I exist!" "However," replied the universe, "The fact has not created in me A sense of obligation." --Stephen Crane
-
Some of you may remember a few weeks ago that my son completely screwed up his gaming machine, because his dad (me) was a lazy arse that couldn't be bothered to get his games to run properly in non-admin mode. Well, I've reinstalled the whole machine, and like a good IT person, I've now restricted his access and locked the thing down correctly. Anyway, in order to do this I had to use a 3rd party piece of software to allow privelege elevation for specific applications from within his limited user account. There are a million reasons why logging on as another user or trying to use the "Run As" comand are both completely inadequate and poorly implemented solutions. So, if Weven can support the kind of functionality that SuRun[^] provides, I will be buying copies for everyone I know and telling everyone that it is the greatest OS ever created. This is without a doubt one of the most useful utilities I have ever come across, but the shameful thing is that it should have been built into Windows years ago. I won't bore you all with the details, instead here's a link to the original software page: SuRun[^] And just for completeness, here's a link to my sycophantic blog entry on this software: sudo for Windows[^]
The StartPage Randomizer - The Windows Cheerleader - Twitter
The problem is that, should Weven introduce something with similar functionality, MS will once again be accused of stifling innovation from others. I know SuRun is free but that won't stop the knockers.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
The problem is that, should Weven introduce something with similar functionality, MS will once again be accused of stifling innovation from others. I know SuRun is free but that won't stop the knockers.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
Henry Minute wrote:
MS will once again be accused of stifling innovation from others.
if the accusation fits...
-
Henry Minute wrote:
MS will once again be accused of stifling innovation from others.
if the accusation fits...
And it frequently does. :)
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
The problem is that, should Weven introduce something with similar functionality, MS will once again be accused of stifling innovation from others. I know SuRun is free but that won't stop the knockers.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
Some of you may remember a few weeks ago that my son completely screwed up his gaming machine, because his dad (me) was a lazy arse that couldn't be bothered to get his games to run properly in non-admin mode. Well, I've reinstalled the whole machine, and like a good IT person, I've now restricted his access and locked the thing down correctly. Anyway, in order to do this I had to use a 3rd party piece of software to allow privelege elevation for specific applications from within his limited user account. There are a million reasons why logging on as another user or trying to use the "Run As" comand are both completely inadequate and poorly implemented solutions. So, if Weven can support the kind of functionality that SuRun[^] provides, I will be buying copies for everyone I know and telling everyone that it is the greatest OS ever created. This is without a doubt one of the most useful utilities I have ever come across, but the shameful thing is that it should have been built into Windows years ago. I won't bore you all with the details, instead here's a link to the original software page: SuRun[^] And just for completeness, here's a link to my sycophantic blog entry on this software: sudo for Windows[^]
The StartPage Randomizer - The Windows Cheerleader - Twitter
I've been using this sudo for Windows[^] for ages - I think it may be more configurable than SuRun (it's difficult to tell from the automatic English translation of the SuRun page).
Java, Basic, who cares - it's all a bunch of tree-hugging hippy cr*p
-
I've been using this sudo for Windows[^] for ages - I think it may be more configurable than SuRun (it's difficult to tell from the automatic English translation of the SuRun page).
Java, Basic, who cares - it's all a bunch of tree-hugging hippy cr*p
I looked at sudown for a bit before I found surun, but there were a couple of things about it I didn't like - and neither it seems did the author of surun! This is from the readme.txt in the installation package: ------------------------------------------------------------------------------ Why not use the built in "Run As..." Windows command? ------------------------------------------------------------------------------ *RunAs can (without any administrative rights) be abused by keyloggers and Import Address Table Hookers to get the credentials of an Administrator. *Windows loads the registry and environment for the user that you run as. If a software is about to be installed, the installation program will see the admins HKEY_CURENT_USER and may create registry entries there. Also the software sees "C:\Documents and Settings\Administrator" as the users profile path. SuRun uses the current user account, so all registry entries and file system paths are the same as the user would expect. ------------------------------------------------------------------------------ Why not use SuDown? ------------------------------------------------------------------------------ *SuDown can very easily be used to spy your account password. SuDowns password dialog runs in the users desktop and the password can be caught by any application that uses Windows hooks, even by autohotkey. *SuDown puts every SuDoer, after he logged on, into the Administrators group. Spying the password and using it in a call to CreateProcessWithLogonW would make the spy running as administrator. *SuDown starts any process as administrator without asking for permission for a couple of minutes after the user entered the correct password. *SuDown does not work in a plain Windows 2000 because the windows function "LogOnuser" in Windows 2000 requires a privilege that only system processes have. ------------------------------------------------------------------------------ Why use SuRun? ------------------------------------------------------------------------------ *SuRun uses a secure desktop for sensitive user interaction: SuRun uses a service to create a secure desktop in the window station of the users logon session. On that desktop it will ask the user for permission or the password. The desktop is not accessible by user applications. Keyboard and mouse hooks will also not work on that desktop. *SuRun does not require a password. *SuRun does not put nor leave the user in the
-
I looked at sudown for a bit before I found surun, but there were a couple of things about it I didn't like - and neither it seems did the author of surun! This is from the readme.txt in the installation package: ------------------------------------------------------------------------------ Why not use the built in "Run As..." Windows command? ------------------------------------------------------------------------------ *RunAs can (without any administrative rights) be abused by keyloggers and Import Address Table Hookers to get the credentials of an Administrator. *Windows loads the registry and environment for the user that you run as. If a software is about to be installed, the installation program will see the admins HKEY_CURENT_USER and may create registry entries there. Also the software sees "C:\Documents and Settings\Administrator" as the users profile path. SuRun uses the current user account, so all registry entries and file system paths are the same as the user would expect. ------------------------------------------------------------------------------ Why not use SuDown? ------------------------------------------------------------------------------ *SuDown can very easily be used to spy your account password. SuDowns password dialog runs in the users desktop and the password can be caught by any application that uses Windows hooks, even by autohotkey. *SuDown puts every SuDoer, after he logged on, into the Administrators group. Spying the password and using it in a call to CreateProcessWithLogonW would make the spy running as administrator. *SuDown starts any process as administrator without asking for permission for a couple of minutes after the user entered the correct password. *SuDown does not work in a plain Windows 2000 because the windows function "LogOnuser" in Windows 2000 requires a privilege that only system processes have. ------------------------------------------------------------------------------ Why use SuRun? ------------------------------------------------------------------------------ *SuRun uses a secure desktop for sensitive user interaction: SuRun uses a service to create a secure desktop in the window station of the users logon session. On that desktop it will ask the user for permission or the password. The desktop is not accessible by user applications. Keyboard and mouse hooks will also not work on that desktop. *SuRun does not require a password. *SuRun does not put nor leave the user in the
No - I use SudoWin, not SuDown - they're different things!
Java, Basic, who cares - it's all a bunch of tree-hugging hippy cr*p
-
No - I use SudoWin, not SuDown - they're different things!
Java, Basic, who cares - it's all a bunch of tree-hugging hippy cr*p
And that is a perfect demonstration of why I hate loosely typed languages. Did you see that erroneous variable get created and then I just used it without even noticing! Heck, even the compiler didn't care, it just let me carry right on as if nothing was wrong! I could have been debugging that for hours... *shudder* :-D
The StartPage Randomizer - The Windows Cheerleader - Twitter
-
Some of you may remember a few weeks ago that my son completely screwed up his gaming machine, because his dad (me) was a lazy arse that couldn't be bothered to get his games to run properly in non-admin mode. Well, I've reinstalled the whole machine, and like a good IT person, I've now restricted his access and locked the thing down correctly. Anyway, in order to do this I had to use a 3rd party piece of software to allow privelege elevation for specific applications from within his limited user account. There are a million reasons why logging on as another user or trying to use the "Run As" comand are both completely inadequate and poorly implemented solutions. So, if Weven can support the kind of functionality that SuRun[^] provides, I will be buying copies for everyone I know and telling everyone that it is the greatest OS ever created. This is without a doubt one of the most useful utilities I have ever come across, but the shameful thing is that it should have been built into Windows years ago. I won't bore you all with the details, instead here's a link to the original software page: SuRun[^] And just for completeness, here's a link to my sycophantic blog entry on this software: sudo for Windows[^]
The StartPage Randomizer - The Windows Cheerleader - Twitter
Thank you for posting this! I've had the same problem on my kids' machine where they needed to do Run As Admin for some of the games. Completely misses the point of giving them lower priviledges.
-
Thank you for posting this! I've had the same problem on my kids' machine where they needed to do Run As Admin for some of the games. Completely misses the point of giving them lower priviledges.
Games needing elevation? Wonder why. Manic Miner never used to pop up an elevation prompt. Get the kids a Spectrum +3.
Matt Dockerty
-
Games needing elevation? Wonder why. Manic Miner never used to pop up an elevation prompt. Get the kids a Spectrum +3.
Matt Dockerty
nistrum404 wrote:
Games needing elevation? Wonder why.
Copy protection??
John
-
Games needing elevation? Wonder why. Manic Miner never used to pop up an elevation prompt. Get the kids a Spectrum +3.
Matt Dockerty
I blame bad programming. :) I agree, games should not need elevated rights. Especially when it's my daughter's Barbie Fashion Studio. :) Tim
-
I blame bad programming. :) I agree, games should not need elevated rights. Especially when it's my daughter's Barbie Fashion Studio. :) Tim
Dressing up Barbie requires kernel mode hooks as every programmer knows :laugh:
Matt Dockerty
-
I blame bad programming. :) I agree, games should not need elevated rights. Especially when it's my daughter's Barbie Fashion Studio. :) Tim
-
Barbie should be a *nix game, since she needs root. :laugh:
It is a truth universally acknowledged that a zombie in possession of brains must be in want of more brains. -- Pride and Prejudice and Zombies
Lolol. $ sudo root barbie.
Matt Dockerty
-
Some of you may remember a few weeks ago that my son completely screwed up his gaming machine, because his dad (me) was a lazy arse that couldn't be bothered to get his games to run properly in non-admin mode. Well, I've reinstalled the whole machine, and like a good IT person, I've now restricted his access and locked the thing down correctly. Anyway, in order to do this I had to use a 3rd party piece of software to allow privelege elevation for specific applications from within his limited user account. There are a million reasons why logging on as another user or trying to use the "Run As" comand are both completely inadequate and poorly implemented solutions. So, if Weven can support the kind of functionality that SuRun[^] provides, I will be buying copies for everyone I know and telling everyone that it is the greatest OS ever created. This is without a doubt one of the most useful utilities I have ever come across, but the shameful thing is that it should have been built into Windows years ago. I won't bore you all with the details, instead here's a link to the original software page: SuRun[^] And just for completeness, here's a link to my sycophantic blog entry on this software: sudo for Windows[^]
The StartPage Randomizer - The Windows Cheerleader - Twitter
I had a client that we manage the network for, and they had a need to use Gradience HR software which needs to acces files that are UAC protected, so only admins could use the program. Vista has a way to bypass UAC for specific programs so any user can now run that program; there is no need for a third party tool. Here is a little how to article on it: http://dailyapps.net/2008/01/hack-attack-disable-uac-for-certain-applications-in-vista/[^]
mathew
-
Barbie should be a *nix game, since she needs root. :laugh:
It is a truth universally acknowledged that a zombie in possession of brains must be in want of more brains. -- Pride and Prejudice and Zombies
Not really - she's a natural blonde, and doesn't need to dye ... Him: Quod erat demonstrandum, baby... Her: Ooh - you speak french! Thomas Dolby - "Airhead"