How exactly does drop my rights work?

Discussion in 'other anti-malware software' started by cheater87, Jun 4, 2011.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Can I use this with my current programs that I have in my sig?
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  3. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Drop My Rights is normally used from an Admin account. Drop My Rights creates a process using the Admins token, but strips it down the level of a User rather than an Admin. You end up with a program running with reduced rights.

    It works in XP, Vista and 7. Don't bother if you use UAC.

    Technically it uses CreateProcessAsUser() along with the following:
    SaferCreateLevel()
    SaferComputeTokenFromLevel()
    SaferCloseLevel()


    Sul.
     
  4. skp14

    skp14 Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    56
  5. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    That seems easy ^__^. But if I have UAC turned off 7 gets mad at me. XD
     
  6. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,123
    Location:
    USA
    I believe UAC does essentially the same thing as DMR. But if you don't mind the prompts from UAC consider creating a limited user account and respond to the prompts with the Admin account. If you don't password protect the admin account you only have to click OK. One advantage is everything will run with reduced rights in the "user" account. Another is some malware install only in the active account and aren't active when you log in with a different account - makes it easy to get rid of them.
     
  7. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    Ain't the admin account disabled by default in Vista and 7?
     
  8. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    Not in 7.
    after install, the only account created is the Admin account with UAC on.
     
  9. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    So they've gone back to Xp with 7. Not a wise move from ms
     
  10. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    well, at least UAC is on. ;)
    i think it would be too bothersome for Joe/Jane Average to run under a standard account.
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    What administrator account are you folks talking about? There are two administrator accounts: Built-in Administrator (disabled!) and the administrator account that's created when you install Windows.

    The built-in administrator account has more powers than the "normal" administrator account(s), hence being disabled by default.
     
  12. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    tnx for the info.

    i lean something new every day here.
     
Loading...
Thread Status:
Not open for further replies.