Disabling debug privileges (is it bad)

Discussion in 'other security issues & news' started by [suave], Oct 30, 2006.

Thread Status:
Not open for further replies.
  1. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Hello everyone,

    I just wanted to know something. Lets say I disable debug privileges in the local policies for all accounts (including admin).

    Security-wise, is that a good or bad thing to do?

    And also, would I have any problems with Windows or any applications for that matter?

    It's Windows XP Pro that I am planning to do this on.

    Thanks.
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    If you disable the policies - including admin - you won't be able to use them.
    If you disable them without setting any policies - there is little effect to it then.
    At best, you will prevent local users from setting their own policies, but that is something you can restrict without disabling your own account privileges.
    Of course there could be problems - depending on what you set.
    Mrk
     
  3. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Mrkvonic, thanks for your reply.

    See, I'm trying to figure out if there are any malware/virii or anything similar that rely on Debug Privileges to raise havoc.

    And therefore by disabling debug privileges, would I be effectively stopping these kind of threats? (if there even are any).
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    Yes, there are several malware that do that.
    And yes, you can prevent the attacks - in fact that's pretty much what HIPS programs do.
    Mrk
     
  5. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Cool! Thanks for the answers Mrkvonic :thumb:
     
Loading...
Thread Status:
Not open for further replies.