Power User rights

Discussion in 'ProcessGuard' started by spiff5000, Jul 19, 2004.

Thread Status:
Not open for further replies.
  1. spiff5000

    spiff5000 Registered Member

    Joined:
    Jun 27, 2004
    Posts:
    49
    What's the advantage in technical terms of PG if my users only have power user rights (e.g. no admin access to install programs)?
     
    Last edited: Jul 19, 2004
  2. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Process Guard runs as a Windows service (and therefore with system permissions) so the users' access rights should make no difference to its function. However if you want to prevent them from uninstalling it (or creating problems elsewhere on your system) you should definitely avoid allowing them administrator access.
     
  3. spiff5000

    spiff5000 Registered Member

    Joined:
    Jun 27, 2004
    Posts:
    49
    That's not what I meant.

    If my users do not have admin rights and, therefore, cannot run installation programs, do I need something as restrictive as PG? Or can PG be dumbied-down for a moderate level of protection with no user intervention?

    -Spiff5000
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    PG is intended to counter trojans and other malware (keyloggers, password capture programs, etc) that can hook into a system regardless of user access rights (using various escalation-of-privilege vulnerabilities to gain system access). It should be used principally as a second (or third) line of defence to protect other security programs (like firewalls and anti-virus scanners) which are increasingly being targeted for shutdown by malware.

    If you just want to restrict what programs users can run, you'd probably be better off with System Safety Monitor (which is free).
     
  5. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    The next version of Process Guard I am working now will correctly handle all user accounts, fast user switching and terminal services correctly. There are some small issues regarding these things in the current build.

    There are a few features that POWER-USERS and LIMITED USERS can take advantage of, global hook blocking, anti-termination, etc. From what I know it is fairly easy to escalate privileges from a poweruser to administrator, though I havn't checked recently to see if this is still the case.
     
Thread Status:
Not open for further replies.