Least-privileged User Account: Windows XP
Aaron Margosis' WebLog : Why you shouldn't run as admin...
If you admin windows machines you know it is a given that admin rights on a box, is just asking for trouble from your userbase. This is murphy's law in action.
I'm glad to see Microsoft finally realizing this.
The security of user accounts, is worth so much in running a stable, maximum uptime environment, the hassle of administrating it is a fair trade off.
First, let’s define terms. This may be oversimplifying, but for the purpose of this discussion there are only two types of users: Administrators, and Users. They are essentially distinguished by membership in the “Administrators” and “Users” local groups. “Administrators” have complete and unrestricted access to the computer/domain. “Users” are prevented from making accidental or intentional system-wide changes.
Narrowing down to two user types is not entirely arbitrary. In fact, this is exactly how Windows XP Home Edition distinguishes users. Under the hood, its Computer Administrators and Limited Users are members of Administrators and Users, respectively. And besides, membership in groups such as “Power Users” or “Backup Operators” is tantamount to being an Administrator. When I talk about running as non-admin, I am not suggesting running as Power User instead.
0 TrackBacks
Listed below are links to blogs that reference this entry: Least-privileged User Account: Windows XP.
TrackBack URL for this entry: http://kennethhunt.com/mt/mt-tb.cgi/1439
Search
The Open Prosthetics Project
Open Source Ecology
Safari Online
invest in kevlar
chris harrison
Mike Erdely
Andrew W. Moore
Talking Out Loud with ASB
ducea
Andrew Baker
*scottstuff*
Ask Bjorn Hansen
Joe Topjian
John Sequeira's Weblog
Team Murder
defective yeti
postneo
Ben Hammersley
Chez Chrissie
The Frosty Mug Revolution
Jeremy Zawodny's blog
Lucas Gonze
Eric Norlin
slashdot
John Vu
Net Observer
Books Observer
Sterling
Bill Buxton
Melanie Rieback