This is an interesting program released by a Microsoft Developer. Basically it removes administrative rights when running a particular program, for those of us logged into our machines as administrators all the time (which is extremely BAD of us... and I say 'us' because I do it too...)
For instance to create a shortcut for IE, rather than running:
c:\program files\internet explorer\iexplore.exe
you'd set it up to run:
"c:\program files\dropmyrights\dropmyrights.exe" "c:\program files\internet explorer\iexplore.exe"
When you run the program in this way, IE is run as a normal user rather than an administrator. In this way you can prevent it from doing several things that may be harmful to the system should you open a malicious website.
You would still want to have an icon for IE tucked away somewhere as it is necessary to run as an admin to install Windows Updates, ActiveX components, etc.
The same can be done for Outlook Express and any other higher risk applications you may be running, in order to restrict them in the case that you inadvertantly try to view a malicious e-mail, website, etc.
http://msdn.microsoft.com/library/defau ... 152004.asp
DropMyRights
Moderator: RLG MGMT Team
Sort of...
Sort of, except that sudo is udually used to escalate priveleges; granted there is no saying you can't use another user with less priveleges...
And there is no other user account involved which also makes it interesting.
That's why I think it is an interesting program I guess. It's sorta similar, but sorta like no other program on the planet. Leave it to Microsoft. :lol: :shock:
Flawed! Flawed and Perfect
And there is no other user account involved which also makes it interesting.
That's why I think it is an interesting program I guess. It's sorta similar, but sorta like no other program on the planet. Leave it to Microsoft. :lol: :shock:
Flawed! Flawed and Perfect
I read the description - it looks like it uses your same user (admin) but strips out the specific priveliges (tokens). I'm no expert, so don't ask me deeper questions ;)
I just set up my IE to use it and I notice nothing different - which is good. It may not be the total solution to a safe pc, but every little bit helps.
-B
I just set up my IE to use it and I notice nothing different - which is good. It may not be the total solution to a safe pc, but every little bit helps.
-B
Silence is golden - Duct Tape is silver
What Gator said. 
The page gives a good run down of how it works. The source code is even available; it probably comes to around a 100 lines tops. When you download it you even get the .cpp file and could compile it yourself, if so inclined.
The creator gave a good example of a virus that would be blocked if the program that introduced it to the PC were running as a non-priveleged user vs. an administrator (W32.Beagle.AV@mm)
Gator, if you want to see the difference you can visit windowsupdate.microsoft.com and it should immediately complain that it needs administrative privelages in order to run. Easiest test to see if it looks like it is running properly that I can think of.
The page gives a good run down of how it works. The source code is even available; it probably comes to around a 100 lines tops. When you download it you even get the .cpp file and could compile it yourself, if so inclined.The creator gave a good example of a virus that would be blocked if the program that introduced it to the PC were running as a non-priveleged user vs. an administrator (W32.Beagle.AV@mm)
Gator, if you want to see the difference you can visit windowsupdate.microsoft.com and it should immediately complain that it needs administrative privelages in order to run. Easiest test to see if it looks like it is running properly that I can think of.
I recently re-formatted, and re-installed my WinXP. Whilst doing so it asks what user names are to be catered for. The basic question being, is the first 'user' name typed-in classed as 'administrator'?
Can you put in layman's terms what that little proggy there does, and if it's useful at all for the likes of myself?
Can you put in layman's terms what that little proggy there does, and if it's useful at all for the likes of myself?
It is not the technique that wins a fight, but the more furious mind - Kodiak WOF
You are stuck on stupid. I'm not going to answer that question! - Gen Honore, New Orleans Sep 05
You are stuck on stupid. I'm not going to answer that question! - Gen Honore, New Orleans Sep 05
There will be...
There will be an administrator account and that first username will have administrative priveleges, most likely with any additional ones created at that time.
This program removes administrative priveleges from a program launched with it to limit the potential damage they can do to the system if they are hijacked by a virus, adware, or spyware.
It could be useful to just about anyone who wants to run their computer using an administrator account but wants to IM, read e-mail, browse the web or engage in any other 'high risk' behaviour with less priveleges.
This program removes administrative priveleges from a program launched with it to limit the potential damage they can do to the system if they are hijacked by a virus, adware, or spyware.
It could be useful to just about anyone who wants to run their computer using an administrator account but wants to IM, read e-mail, browse the web or engage in any other 'high risk' behaviour with less priveleges.
Okay, cool! I don't think I have any true need for it right now myself. having said that, I did create Kerrie's account at the time of installation too :roll: - hope it doesn't have admin rights. Still, she HAS said she'll avoid making use of Ares & other such proggies. Now that she knows she can basically use Media Player to create MP3 files from normal audio CD tracks, I think she may be happier about my telling her she can't mess around with those proggies and websites anymore on my PC. You'd think she'd be over the moon about being offered her very own (don't touch this or I'll scratch you eyes out!) laptop 
, not to mention a wireless net connection. :roll:
, not to mention a wireless net connection. :roll:It is not the technique that wins a fight, but the more furious mind - Kodiak WOF
You are stuck on stupid. I'm not going to answer that question! - Gen Honore, New Orleans Sep 05
You are stuck on stupid. I'm not going to answer that question! - Gen Honore, New Orleans Sep 05
-
Tach Deneva
- Posts: 1546
- Joined: 18 Dec 2002, 18:51
- Location: KY
I run WinXP Pro as a 'Power User' (more rights than a normal user but still less than admin) and use Mozilla Firefox set to just say no to pretty much everything. I'd tell ya how to set XP for Power User but it's been so long since I did it I've forgotten how.
:mrgreen:
TD
:mrgreen:
TD
"Shoo! Shoo! Go away! Oh God, he's got a monkey." -- Ms Purple