Welcome to Vista Banter. You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to ask questions and reply to others posts, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact support. |
|
Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security) |
|
LinkBack | Thread Tools | Display Modes |
|
|||
Disabling UAC doesn't actually decrease security?
With UAC enabled in Vista build 5536, I get confirmation prompts in admin
accounts, and I get password dialog boxes in standard user accounts. And of course standard users can't read each other's home directories. Then I ran secpol.msc and under Local Policies\Security Options I disabled User Account Control: Run all administrators in Admin Approval Mode, and then rebooted. Now, as expected, admin accounts silently grant privilege elevation and no longer give confirmation prompts, but in standard user accounts, instead of getting a password dialog or a silent granting of privilege elevation, I get automatic denial. And standard users still can't read each other's home directories. So, if non-admin users are using standard user accounts, and the admin accounts are used only to run trusted software, then what security is actually lost by disabling UAC? Standard user accounts haven't gained any new privileges by having UAC disabled. |
|
|||
Disabling UAC doesn't actually decrease security?
That's because you haven't actually disabled UAC itself
-- Jane, not plain 64 bit enabled Batteries not included. Braincell on vacation :-) "Roof Fiddler" wrote in message ... With UAC enabled in Vista build 5536, I get confirmation prompts in admin accounts, and I get password dialog boxes in standard user accounts. And of course standard users can't read each other's home directories. Then I ran secpol.msc and under Local Policies\Security Options I disabled User Account Control: Run all administrators in Admin Approval Mode, and then rebooted. Now, as expected, admin accounts silently grant privilege elevation and no longer give confirmation prompts, but in standard user accounts, instead of getting a password dialog or a silent granting of privilege elevation, I get automatic denial. And standard users still can't read each other's home directories. So, if non-admin users are using standard user accounts, and the admin accounts are used only to run trusted software, then what security is actually lost by disabling UAC? Standard user accounts haven't gained any new privileges by having UAC disabled. |
|
|||
Disabling UAC doesn't actually decrease security?
Hello,
This actually does disable UAC. The security loss comes into play because all programs now silently run with the full privileges of the user. When logged in as an administrator, all programs run with full admin privileges, even the ones that don't need it. This is bad news in today's world, regardless of operating system. UAC does three things for you, and you see the most benefit when running under the admin account, but this also benefits normal users by allowing them to elevate: 1) Programs run only with the least privileges necessary. Notepad shouldn't be able to take control of your domain and format all the hard drives on your network. Why give it so much power? 2) Programs that NEED admin access MUST be approved to run by YOU at the time that they start, every time. So, if somehow some nasty software burrows onto your system and gets itself to start somehow, you can stop it from starting. There is no way to bypass this behavior with UAC enabled - if you allow something to run elevated, you can no longer blame Windows for the intrusion. 3) UAC provides the infrastructure for more advanced security controls such as Internet Explorer protected mode. I would expect that future versions of windows will add more security controls based on the core UAC model. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/ |
|
|||
Disabling UAC doesn't actually decrease security?
"Jimmy Brush" wrote in message
... Hello, This actually does disable UAC. The security loss comes into play because all programs now silently run with the full privileges of the user. When logged in as an administrator, all programs run with full admin privileges, even the ones that don't need it. This is bad news in today's world, regardless of operating system. UAC does three things for you, and you see the most benefit when running under the admin account, but this also benefits normal users by allowing them to elevate: 1) Programs run only with the least privileges necessary. Notepad shouldn't be able to take control of your domain and format all the hard drives on your network. Why give it so much power? 2) Programs that NEED admin access MUST be approved to run by YOU at the time that they start, every time. So, if somehow some nasty software burrows onto your system and gets itself to start somehow, you can stop it from starting. There is no way to bypass this behavior with UAC enabled - if you allow something to run elevated, you can no longer blame Windows for the intrusion. 3) UAC provides the infrastructure for more advanced security controls such as Internet Explorer protected mode. I would expect that future versions of windows will add more security controls based on the core UAC model. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/ Sounds similar to how XP was set up . . . but at least new users in Vista are defaulted to Standard (only the first user set up is defaulted to Admin). Mic |