Page last updated:
2005 Mar 24 06:15

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Re: [vox] Exploits for non-admin accounts in Windows?

on Wed, Mar 23, 2005 at 09:32:10PM -0800, Richard Crawford (rscrawford@mossroot.com) wrote:

> Yes, it's a Windoze question, but I'm trying to make a point with
> someone who wants to build me a crippled computer for my development
> workstation.
> I was told today by the IT manager in our office that if you don't run
> your Windows computer as an administrator, you never need to worry about
> adware and spyware and viruses.  This seems like an awfully fishy claim
> to me, but maybe I'm just over-paranoid.  Am I?

I'm not a legacy MS Windows expert.  I don't even play one on the

My understanding is that through WinNT 4.0, there were known core RPC
(remote procedure call) holes which made privilege escalation trivial.
Eric Raymond's _The Art Of Unix Programming_ and Nick Petreley's recent
comparison of GNU/Linux vs. legacy MS Windows security models,__ (as
well as much of his prior work) cover this closely.


Anecdotally, friends whose information I tend to respect speak of users
without admin access who've been assaulted with malware installed and/or
running with Admin/System privileges.

An interesting hack is a utility which allows a user to gain _system_
privileges (higher than administrator).  Which would seem to indicate
something wrong with the security model.  The author doesn't believe in
software licensing (I've written him about this), so the code isn't
generally usable, but he's posted it online here:


Then there's the fact that DOS-based legacy MS Windows systems have _no_
concept of user-level security anyway.  User log-ins simply serve to
provide an advisory preference as to your local user profile (other
users can access your local user profile).  Any file can be deleted or
modified by any user.  Only remote access (e.g.:  network/domain login)
is "secured", but that only to the extent the local system can be
trusted (e.g.:  not at all, really).

So:  I'm really not sure what the current state of the art is, but
history, anecdote, and example strongly suggest your IT manager is
thinking wishfully.


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Yvonne, I love you, but he pays me.
    - Casablanca
