Frontend to DropMyRights (or similar)?

Discussion in 'other anti-malware software' started by Gullible Jones, Jul 11, 2009.

Thread Status:
Not open for further replies.
  1. Because a lot of programs (e.g. TurboTax) won't run under a limited user account, but LUA provides a security level otherwise difficult to achieve, I'm looking into something along the lines of DropMyRights. However, all the solutions I've seen so far are very unsatisfactory, because they require a user to create a new shortcut for each application to be run with limited rights.

    What I'd like is a fronted to DropMyRights (or a separate program, or whatever) that lets me create a list of applications to *always* run as limited. Sort of like Returnil's execution control module... Except instead of execution control, it would be executable rights control. This way I could for instance add Firefox, Internet Explorer, and VLC to the list, and those would *always* execute with dropped rights, no matter which shortcut I used.

    Is there anything like this? Or will I have to right it myself? ;)
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    did you tried DefenseWall?maybe that's what you need;)
     
  3. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    If you're running XP then I suggest a program called SetSafer by Michael Howard (I believe). With this program you can list applications you wish to run with reduced rights and unlike with Drop My Rights no matter where that program is activated it's with restricted rights. Don't believe it will work with Vista. Haven't tried it with Windows 7. Maybe I should.

    Later...
     
  4. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    This is the best link I have found that makes DropMyRights seem easy. In the link they now mention DefenseWall and Online Armor as possible alternatives. Online Armor is a HIPS/firewall that has a runsafer option that you could apply to whatever programs you like. DefenseWall is basically a HIPS/sandbox type app. Both are good products.

    http://cybercoyote.org/security/drop.shtmlhttp://cybercoyote.org/security/drop.shtml
     
  5. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    I use SetSAFER on my XP Pro system. It's free and requires .NET Framework 2.0. I've no idea whether it works (or is even needed) on Vista or Windows 7 though.

    You can read about it and download it here: -

    http://blogs.msdn.com/michael_howard/archive/2006/05/07/592136.aspx

    Screenshots of my application control list and of SetSAFER using the list are attached. You can use the Properties Security tab in SysInternals' Process Explorer to check that SetSAFER is working correctly.
     

    Attached Files:

  6. Criss

    Criss Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    186
    Appguard will also fix in ur choice. :D
     
  7. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    If you want a permanent DropMyRights tool, the only one available so far is Pretty Good Security (PGS) designed by Sully on this forum. It uses absolutely no ressources. It is still in beta stage though and is free.

    https://www.wilderssecurity.com/showthread.php?t=244265
    This tool uses the same registry keys from DMR and SetSafer.


    If you prefer a more powerful tool, then have a look at the policy sandboxes:
    DefenseWall
    GesWall
    AppGuard...
     
  8. Wow, PGS looks extremely awesome. I think I'll use that. Thanks. :)
     
  9. Lucy

    Lucy Registered Member

    Joined:
    Apr 25, 2006
    Posts:
    401
    Location:
    France
    You're Welcome.

    On top of that you can add SRP, allow/deny folders, change rights levels of any application... And you have the oporunity to decide your security strategy based on the type of account you are using.

    It works for Xp and Vista. Not for Win7 yet, even if some demonstrated the reg tweaks should still work in this OS.
     
  10. demonon

    demonon Guest

    I think you can achieve this with SuRun.
    A very powerful program, and if I remember well, you can also select which programs to run in a LUA.
    Another good choice would be PGS.
     
  11. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    527
    Location:
    USA
    I tried SetSAFER, but Firefox 3.5 gives me an error message that its "already running, but not responding". Any ideas how to get Firefox to work under setsafer? IE8 works fine as verified by Process Explorer.
     
  12. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    SetSafer uses an .xml file to create the SAFER registry values. It creates a GUID and creates the path rule. You can do the same thing with the secpol.msc snap-in (the SRP area) or with a .reg file and a GUID generator, or with PGS. You are doing the same thing.. creating a path rule of either Deny, Allow or Restrict.

    DropMyRights creates a process (starts a program) and modifies the security of that process, so that it starts as a user. The same thing that Basic User option does in SRP. If you want to use DMR, you can easily create what I call a 'drop zone' window if you know how to code. I made one that just sits on your desktop, a little window. You just drop what you want into it, and it passes whatever it was you dropped (like firefox.exe) to DMR, and then DMR starts it as a user. There is no memory that I am aware of with DMR to do this. This is why SRP uses the same features. In this way, it is built into the OS, that whenever a processes is created, to check with SAFER and see if it exists as a restricted software.

    I had an idea at one time of using some registry tweaks to get DMR to work all the time, but SRP is a better solution for always running something as a user.

    There is certainly no problem though with having SRP maintaining a static list and still using DMR to only start a program as a user on the occasion when you want it restricted. Of course, you could also just use SRP in the same way with only a couple shortcuts needed.

    Sul.
     
  13. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    903
    Firefox 3.5 is working fine under SetSAFER here. It has been my experience in the past that occasionally FF just doesn't shut down properly. It does happen but very rarely on my systems. I just go into task manager and shut down the FF process when it does happen. I doubt the problem you had with FF shutting down had anything to do with running it with SetSAFER. Probably just a coincidence but to be sure try running FF a few times with and without SetSAFER and see what happens.
     
  14. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    527
    Location:
    USA
    Thanks for your reply. I tried your suggestion and still there's a box saying Firefox is already running. I even uninstalled Firefox, deleted the old profile folder, and reinstalled without success. There has been so much security software installed and uninstalled on this machine I will re-image and try again.
     
  15. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    SuRun is a good solution, it lets you work with an LUA and gives you the option to start apps with elevated rights that will only work properly as admin. Excellent tutorial here.

    Another thought is to look for alternative apps that work properly, however if you have a requirement to use TurboTax this may not help much.
     
  16. I tried SuDown earlier and unfortunately managed to lock myself out of administrative capabilities... For now I think I'll stick with PGS. ;)
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Well PGS with freebies like RegRun, OSAM startup Manager and Avast (with Rootkit scan on startup) will assist you when autorun/rootkit intrusions occur. PGS is very good :thumb:

    Cheers
     
  18. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany

    SuDown != SuRun. Two completely different things. SuRun will get you as close to the Linux sudo principle as is possible in Windows. Take a look at mrkvonic's tutorial, it's worth reading. He also has a link in the tutorial to a thread here started by tlu that's worth reading through.

    I install this on systems for people who aren't too knowledgeable about computers or security and they have no problems with it at all (and it works fine on mine as well). As a bonus, I don't get phone calls at night asking why they have a skull and crossbones on the desktop. :D

    BTW, if you follow the instructions in the tutorial, you can't lock yourself out. Make another admin account besides the default one, which you shouldn't muck around with anyway unless necessary.
     
Thread Status:
Not open for further replies.