SSJ-like alternative setups

Discussion in 'other anti-malware software' started by Kees1958, Oct 5, 2009.

Thread Status:
Not open for further replies.
  1. wat0114

    wat0114 Guest

    Of course and I understand this and that SuRun is a convenience tool for LUA users and not a security application. I have Malware Defender elevated permanently under LUA because 1. it does not remember rules under LUA & 2. I trust MD 100%

    Thanks for the explanation Sully! So far it has served extremely well resolving the MD issue in LUA and it certainly speeds up my administrative maintenance tasks. I have created batch files in my LUA (VBOX) desktop, and created path rules in SRP for each of them specifically so I can run them when needed, for the following:

    Automatic Updates: "surun wuaucpl.cpl"
    Computer Management: "surun compmgmt.msc"
    Group Policy: "surun gpedit.msc"
    Network Connections: "surun ncpa.cpl"
    Software: "surun appwiz.cpl"
    Local Policy: "surun secpol.msc"

    Maybe I'll add some others but this is a good start :)
     
  2. ssj100

    ssj100 Guest

    Yes, I think it's important people realise SuRun is NOT a security application at all. I think some Linux expert on Wilders was debating that it did provide security and that it was one of his "most favourite security applications"...I didn't quite understand what he meant, and I still don't. Anyone?

    EDIT: in fact, if anything, SuRun makes your Windows LUA environment LESS secure...right Sully? Regardless, anything that is internet facing (e.g. starcraft.exe to play online via B.net) and requires admin rights "should" be, e.g., forced to run sandboxed with Sandboxie, to maintain "100%" security.
     
    Last edited by a moderator: Oct 7, 2009
  3. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You can modify the executable or the directory in your permissions for users so that MD can write to where it needs to save files to, and then you don't have to elevate it, if this is the only reason.

    I made a context menu tool, here

    Context menu tool for My Computer
    I place all kinds of things like your cpl and msc items above into the My Computer context menu. On my desktop, the My Computer icon is top left, and on my 27" screen I don't usually maximize things, so I can always see it. You might use it to your advantage and get rid of batch files or other shortcuts. I made a version once that was specifically designed to start SuRun with each of the context menu items. I even had it so that when I was in the admin account the context menu was normal and when in LUA it was using SuRun.

    Maybe you will like it maybe not, but sure keeps the desktop free of things like batch files if you don't use them all the time.

    Sul.
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Less secure in the sense of using it as a tool to start any executable you want easily to alleviate the restrictions of user land, absolutely. That is sometimes the feeling I get when I see people talking about it. Not so much here at Wilders, but around the net, especially by people who are reviewing it.

    Sul.
     
  5. wat0114

    wat0114 Guest

    Interesting. I never thought it might be so minor an issue that a simple fix as you suggest might work. I'll look into this, though I see MD's rules.dat is in its own "Malware Defender" directory, so I don't know why it can't save there under LUA, but checking the security tab I see there is no write access enabled, so this could indeed be it.

    I will have a look soon. Thanks!
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Is this directory in program files or in the user profile somewhere? If it is in the profile (my docs or application data) then it should be able to write there one would think.

    Sul.
     
  7. wat0114

    wat0114 Guest

    Under Program Files. Actually, some news on this: I went into SuRun and deleted the automatic/automagic elevation rights for MD, then I set "Write" permission for MD's Rules.dat file. Good news is it now seems to remember rules applied under the LUA account. However, I now get the message seen in the screenshot from SuRun when logging into my user account. So something about MD doesn't quite agree with the LUA account, but I seem only to have had rules saving issues with it under LUA, and now that seems to be rectified after applying the advice you gave me :) I'll keep tabs on this and see what, if anything, happens. Thanks again!
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Yes, Program Files is restricted to users, so that is the reason.

    Write can be different from modify depending on how you use your permissions. You could also try to relocate the .dat file if there is a .ini entry or reg entry somewhere. If the .dat file lives in a subdirectory, you could open that subdirectory for modify rights. You could also open the entire directory for modify.

    It would be interesting to see if SuRun prompts you due to actual rights or simply because the manifest in MD states it needs admin rights.

    Certainly playing with it might lead to a great tweak!

    Sul.
     
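    The narrowest form of the tweak Sully describes above (open just the rules file for Modify rather than the whole directory, or elevating the program) as an added example; this is not code from the thread, from SuRun or from Malware Defender, and the file path and the BUILTIN\Users principal are assumptions to adjust for your own install.

```powershell
# Added example: grant the Users group Modify on one file under Program Files
# so a LUA account can save rules without the program being elevated.
# Path and principal are assumptions; adjust to your own installation.
$RulesFile = 'C:\Program Files\Malware Defender\Rules.dat'
$Principal = 'BUILTIN\Users'

function Test-CanModify {
    param([string]$Path, [string]$Identity)
    $modify = [System.Security.AccessControl.FileSystemRights]::Modify
    $acl = Get-Acl -Path $Path
    # Any Allow ACE (explicit or inherited) for the identity that carries all Modify bits
    $match = $acl.Access | Where-Object {
        $_.IdentityReference.Value -eq $Identity -and
        $_.AccessControlType -eq 'Allow' -and
        (($_.FileSystemRights -band $modify) -eq $modify)
    }
    return [bool]$match
}

if (-not (Test-Path -Path $RulesFile)) {
    throw "Rules file not found: $RulesFile"
}

if (Test-CanModify -Path $RulesFile -Identity $Principal) {
    Write-Host "$Principal already has Modify on $RulesFile; nothing to do."
} else {
    $acl = Get-Acl -Path $RulesFile
    # Modify = read, write, execute, delete on this one file. Deliberately not
    # Full Control, and deliberately scoped to the file, not the directory.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $Principal, 'Modify', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $RulesFile -AclObject $acl
    Write-Host "Granted Modify on $RulesFile to $Principal."
}

# Show the resulting ACEs so the change can be reviewed before trusting it
(Get-Acl -Path $RulesFile).Access |
    Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize
```

    Run it from the admin account (or through SuRun), since changing an ACL under Program Files needs admin rights; on an XP box without PowerShell, `cacls "<path>" /E /G Users:C` adds the equivalent Change (Modify) entry. If SuRun still prompts afterwards, that is the manifest question Sully raises rather than a missing right.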
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Ahh, I do not mind that Microsoft took a good look at sudo and SuRun for UAC for Vista. What I have understood of UAC for Windows 7 is that it will have sliders to set sensitivity. So in the end it all worked out perfectly.

    Just some old buggers with low-end dual cores (E5200@3,GHz) running a snappy system on XP might need alternatives (like SuRun).
     
  10. ssj100

    ssj100 Guest

    Thanks for the comments Kees.

    What are the "non-alternatives" for Win XP then? Aren't over 50% of people still using Windows XP? Cheers.
     
  11. wat0114

    wat0114 Guest

    Right, I wasn't sure at the time so I just enabled both write and modify, but I think modify is probably all I need.

    Maybe, but this seems too cumbersome for me. I'm pretty happy to just leave things as they are as long as things work, or even possibly give back malwaredefender.exe elevated rights. It's a completely trusted program anyways.

    Yeah, I'm not sure why.
     
  12. s23

    s23 Registered Member

    Joined:
    Feb 22, 2009
    Posts:
    263
    I don't think SuRun makes your LUA less secure. You can restrict in the options what can be elevated, and you can hide SuRun from users (SuRunners or not), so no harm. The only thing I want in SuRun is a way to password-protect the config (like in Shadow Defender). With this SuRun would continue to be a non-security app, but it could add one more step to someone gaining admin privileges. If you restrict in SuRun what can be elevated, then even if someone discovers your account password they cannot make any elevation.
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I have no preference between run-as, Advanced Runner, sudown and SuRun.

    The latter two have the advantage of elevating using the user profile, just based on rumours:

    - default runas = disadvantage is that it elevates with another profile, advantage is that it is the standard

    - Advanced Runner = disadvantage as with runas, plus you have to change, advantage is that it is much more powerful than runas

    - sudown = advantage is using the user's profile, disadvantage (claimed by SuRun) is that it is less secure than SuRun and non-standard

    - SuRun = advantage is that it is safer, disadvantage is that it is non-standard (also in SuRun a bug was fixed in the past allowing access to admin rights in an uncontrolled manner).

    Currently using just run-as.
     
  14. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I'll take a stab here, at least from my own perspective.

    SuRun has positive security implications since it renders LUA much more user friendly, and therefore much more likely to actually be used in practice, than an installation which is configured as LUA alone.

    You're right, it does make the LUA environment less secure in the sense that you are able to dynamically elevate privileges. This is the essential tension of security, balancing strength against user convenience. This tension is present for any solution you wish to consider. In this case I think the trade-off is intelligently taken (versus, for example, simply running as an Admin level user all the time, which can be considered even more "convenient").

    s23 is also correct. There are secondary configuration options that are available within SuRun to allow increased security, but this simply shifts the security-convenience balance more in the direction of security.

    Blue
     
  15. wat0114

    wat0114 Guest

    Hi Kees, this surprises me. I can't comment on Advanced user or Sudown because I haven't used them, but SuRun has a far greater advantage than Runas...

    Is there not the other disadvantage, as SuRun's developer states, that Runas... can be targeted by keyloggers?

    In addition, SuRun can be easily configured to automatically elevate a trusted program in a user account. I find it far more advantageous over Runas...
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    @Watt,

    See Blue's response, it pretty much wraps it all up.

    My native language is not English, so when I am comparing and mentioning pros and cons, this might cause some static in the message.

    Every elevation which requires passwords is theoretically vulnerable to keyloggers. I think run-as is as safe (explicitly not using "vulnerable") as SuRun.

    SuRun is the UAC + Norton's UAC tool for XP; I am happy that XP's product life cycle is extended with such great apps (SuRun and PGS are great apps IMO).
     
  17. wat0114

    wat0114 Guest

    Isn't Surun run in its own secure desktop, eliminating any keylogging vulnerability? Also, as long as any application is given elevated rights without password, does this not also eliminate keylogging vulnerabilities?
     
  18. ssj100

    ssj100 Guest

    Not sure why you've mentioned s23 here. But anyway, I wouldn't go so far as the "Linux expert" who said SuRun was one of his "most favourite security applications". It would make more sense to say that e.g. SRP is his "most favourite security application". Anyway, just my opinion that SuRun isn't really a "security application". The reason for this is that the best security (referring to the security-convenience balance) would be NOT to use SuRun at all, and ALWAYS stay within LUA rules/policies. This would be highly inconvenient of course. But this brings about the fact that SuRun, if anything, makes you LESS secure.

    EDIT: sorry, just realised s23 posted in this thread haha...yes, s23 is indeed correct.
     
    Last edited by a moderator: Oct 9, 2009
  19. wat0114

    wat0114 Guest

    You should add a qualifier to that statement to mitigate the impact it might have on those who aren’t that computer savvy, who will likely interpret it literally as a blanket statement and shy away from SuRun because they believe it implicitly reduces a machine’s level of security. If SuRun is not used, then what will be? Of course the built-in Runas…to perform tasks that require elevated privileges, or the actual administrative account to run these tasks or - worse - run full time in, the latter of which indisputably reduces security far more than SuRun, and the former option which arguably – I’m still waiting for Kees’ and possibly Sully’s comments on this – reduces security more so than SuRun as well.

    Remember that SuRun can easily be used to elevate privileges of user selected programs to run with elevated rights in the LUA account, eliminating the need to run as admin full-time because one’s favourite program(s) does not run properly in an LUA environment, although I will admit it is too bad sometimes this is the case; I wonder if, for example, Malware Defender does not run perfectly under LUA (it runs close to it) because of a programming or design flaw in the software?

    Well Sully, your thoughts??
     
  20. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    If you look at it in a very simplistic fashion, SuRun could be considered less secure simply because it can keep a password to elevate a process to root without the user's input.

    It is not itself really a security tool and what it does is not really good or bad.

    RunAs might be considered more secure in the sense that you always have to manually enter the correct credentials. While it does not offer the same 'goods' that SuRun does, it negates what I would call the primary concern with SuRun, being auto-elevation.

    To put this in context though, SuRun must be 'allowed' to auto-elevate a process. Should that process perform malicious activities is of no concern to SuRun, or for that matter RunAs.

    It is the user who is less secure. You can take either SuRun or RunAs and easily with either compromise your whole system by running something malicious as admin.

    SuRun simply has the capability to 'remember' your answer and elevate at will. Not bad most likely, but it seems to me to be the only 'issue' that could happen that was not the user's error. The user at one point decides to trust some process. Later that process is compromised, but when it runs SuRun is told to always elevate. But in all honesty, if you don't even know if a file was compromised, and you were to use only RunAs, it would still have the same effect. So is SuRun really any less secure?

    Bringing the un-educated user to use SuRun is perhaps not any more or less secure, as the user will still be elevating to admin either with RunAs or logging into the admin account if he/she is not using SuRun.

    I think the end result is, no matter how special and different SuRun is over RunAs or logging in as admin, when the wrong executable is elevated to root, all bets are off. But how on earth you can ever mitigate this problem is beyond me. Some argue to only install trusted applications. Some say to use other methods in addition to LUA, like SBIE/DW/MD/HIPS/etc. But the bottom line is this, if you want to install a new program or just run some program, no way short of a hash checksum will ensure you it is legitimate. And even then, you must implicitly trust the source that says 'this program with this checksum is not malicious'. For many here this is attainable. For the basic user who does not understand as much, I think it is a pipe dream.

    IMO the best you can do is find a scheme that fits your level of comfort and cover most of your bases that you know how. For some they will like all-out control of HIPS, for others they are tired of prompts and want a silent alternative. Still for others they don't know what they are doing so no matter what they use they stand a good chance of having problems. The best solution IMO is to develop a backup plan for your data and use imaging of some kind so that if you ever have a problem your data is safe and you can get back to a working state in relatively short order.

    Sul.
     
  21. wat0114

    wat0114 Guest

    Okay, but from the Surun site (translation needs some work, but fairly clear anyways):

    How about the secure SuRun desktop too? Does this not count for anything, or is the developer lying?

    I would also think that even before a program is elevated with SuRun in the LUA account, it has already been installed via the administrator account. If it's malicious, it's already done the damage so the points you make - with all due respect - seem moot. Example: I elevate only Malware Defender because it is a known, trusted program I've used for a long time, and one that I know does not run perfectly under LUA, so I then use SuRun to auto-elevate it in said LUA account. No harm done and now MD works as it should.

    What difference does it make if someone is going to elevate a program manually via Runas or auto via SuRun? If it does happen to be a malicious program, it's going to do its damage regardless of the method the user chooses. In other words, how is Runas more secure this way?

    LOL! You've answered my question here :D

    Let's just say for hypothetical sake neither Runas nor SuRun even existed; is it not reasonable to surmise the user is simply going to use the administrator account to run their program, so obviously if it's malicious it's going to toast the system anyway?

    Six on one side, half a dozen on the other. I still maintain this belief although you or someone might convince me otherwise: SuRun is more likely than Runas to keep a user out of the administrator account because of its versatility.

    Sure, but using SuRun to elevate to admin credentials only when needed is still far better than running in the admin account to run these tasks. It is only the selected program/task to be elevated that gains the admin credentials; not the entire account.

    As you suggest, only install trusted applications. It's never failed me once.

    So many possibilities here, but it doesn't have to be difficult; if the basics are followed there are many profiles that will work effectively, as long as the user is happy with their choices.

    That's their problem if they are not interested in learning to avoid problems, although I have to admit that even if they are willing to learn, they could run in to problems in the early stages of this process.

    Agreed; a backup plan/quick restore is essential for most of us.
     
  22. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    lol, nice reply.

    Maybe you are too focused on the specifics of SuRun/RunAs in this thought process. You have to disregard all the SuRun can do, like create a special environment where autohotkey cannot get your password. Look at it from a much more basic standpoint.

    When you are a LUA, you must at some point upgrade your rights to do things you want. It need not be installing a program, maybe only running a program that for instance cleans the registry, a portable app. You could do this from the admin account, or you could RunAs/SuRun. It matters not; when you run this reg cleaner, you give it rights.

    Now suppose you use the reg cleaner a lot. You get tired of using RunAs or logging into admin. SuRun to the rescue. Conveniently SuRun allows you to remember your answer. Everything is going great. Every week you simply double click the icon to start the reg cleaner.

    Now forget the fancy features of any method of elevating rights. Suppose that you come in one day and after looking at some CD or USB stick or downloading a p2p file, whatever, you then start this reg cleaner. This reg cleaner maybe has been modified. What happens when you run it? We know, SuRun will run it, no questions.

    This is not a flaw, not a con at all. In fact, unless you knew that you had a modified file, you could do nothing about it anyway. I am not pointing to SuRun as being insecure, more like pointing out the fact that if something wants to run AS THE ADMINISTRATOR, and it EVER GOT COMPROMISED AND TRIED TO START ITSELF (OR SOMETHING STARTED IT) that you would have no recourse of action.

    Whereas with standard RunAs (or using SuRun without 'automagically' remembering), assuming the worst, that the reg cleaner program tried to start itself or was started by something other than you, it would wait until you gave the credentials. RunAs is not really more secure, but in a worst case scenario it does give the user the heads up.

    Now remember that SuRun does not have to remember answers. And the likelihood of something as I am saying happening is probably quite small. I am just saying that in theory you could get burned by letting a program have your root credentials to remember for things. When I have used SuRun, I too have allowed it to automagically remember some items. But I have always been leery of giving it permission to start certain things without my approval.

    Whether SuRun is any more secure because of expanded features I guess I don't really care too much about. I think the greatest threat comes from what the user actually gives root to as opposed to some method to keylog your admin password. There is more than one way to hide your keystrokes the way SuRun does. It is true that standard RunAs is easy to get those keystrokes from, I can attest to that.

    Well, that is all I have to say about that I suppose. There really is not much to say about it other than one must be careful when giving a process admin rights (we all know that) and that you might want to be selective about what you 'automagically' elevate if you think it might be a concern.

    Also, think about this for a minute. Suppose that a clever coder developed a program that had a command line to start surun, and that coder also had figured out a way to pass a keystroke to the 'OK' button in the SuRun desktop. What do you think would happen?

    Later.

    Sul.
     
  23. ssj100

    ssj100 Guest

    Seems I may have created a slight paranoia about using SuRun and how it may be a security hole?

    If so, all you need to do is ensure you have your malware "threat-gates" and "attack vectors" contained/blocked. You can actually achieve all this in full blown administrator mode actually. For example, with my "security setup" and "security approach", LUA doesn't actually make much difference (if any) to my computer safety. The only reason I use LUA is because I can function perfectly with it, so why not? Also, another reason for using LUA is because Windchild has brain-washed me haha.
     
  24. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    No I don't think paranoia. Most people here like to learn and discuss. One reason I love to do it is because I know that there are hundreds if not thousands of people who visit these forums when they are looking for an answer. It does not take long for a thread here to show up in a search engine. It is good to provide all sides of a discussion so that these 'visitors' might learn all sides of the equation. Helps to make good decisions with good information ;)

    Sul.
     
  25. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    That was what I was afraid of, and nuances started to get lost in translation, because it was discussed in a foreign language (for me).

    I hoped to circumvent this by mentioning "as safe as" and explicitly not "as vulnerable as" in one of my posts.

    SuRun is a nice product life extension goodie for XP, as is PGS.
     