Welcome to Vista Banter. You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to ask questions and reply to others posts, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact support. |
|
Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security) |
|
LinkBack | Thread Tools | Display Modes |
|
|||
Is there a way to launch processes with arbitrary MIC labels?
Hello:
Is there a way to launch processes with arbitrary (or at least lower) mandatory integrity control labels? For example, is there something like a runas.exe command which can be used in a CMD shell running with the Medium MIC label to launch a process with the Low MIC label? Is the only way to launch a process with the Low MIC label is to hard code that label into the assembly or PE? Thanks! |
|
|||
Is there a way to launch processes with arbitrary MIC labels?
Hello,
runas looks as if they are working in adding this feature. Check out: runas /trustlevel runas /showtrustlevels In the mean time, I believe winternals has a tool that will allow you to do this. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/ |
|
|||
Is there a way to launch processes with arbitrary MIC labels?
runas /trustlevel
runas /showtrustlevels I'm not sure, but I believe these are for Software Restriction Policies, not MIC. I believe winternals has a tool that will allow you to do this. Process Explorer can launch a program as a limited user, i.e., with most privileges stripped and with a deny-only SID for the Administrators group in the SAT, but I don't see a way for it to launch with arbitrary MIC labels (unless it's a different tool you had in mind). Thank you for the suggestions though! |