Help : Win95 securuty hole (one more)
Joshua Heling
jrh at securepipe.com
Fri Feb 27 15:35:47 GMT 1998
In message <199802271354.IAA12154 at viking.sheridanc.on.ca>, Rob
Naccarato writes
:
>> Rob Naccarato <rob.naccarato at sheridanc.on.ca> wrote :
>>
>> > Actually, can't it be done via the policies? In poledit.exe, I
think
>> > the entry is in Computer->Network->Logon (or something like
that).
>> > In there is a selection for "Require validation by NT server
before
>> > access to Win95".
>>
>> yep that's what i have done.
>> But here the problem is that authentication prevents you to run
>> applications without some server told that you have the right,
but so
>> genious Microsoft programmers have decided to permit to run a
task manager
>> even if you have not logged on and that task manager permits to
run any
>> application that is installed locally. For example explorer that
give you
>> e session on the machine.
>> Very clever, no?
>>
>
>Well, you could delete the taskman.exe file from the local hard
drive.
>That's what we did here.
>
Or you can enable the "only run allowed windows programs" for the
default user (HKU\.Default). (Of course, you want to then define an
empty list of allowed programs.) In light testing this appears to
solve the problem.
The following registry changes will do it:
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Polici
es\Explorer]
"RestrictRun"=dword:00000001
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Polici
es\Explorer\RestrictRun]
Credit due to Mike Pomraning (admin at siraj.com) for pointing this
solution out to me.
-Joshua
--------
Joshua Heling jrh at securepipe.com
SecurePipe Communications, Inc.
More information about the samba
mailing list