[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
WinXP registry security
I have a question re: windows xp registry security best practices.
For background we're running:
1. samba-ldap backend
2. everyone runs with user or power user rights as needed by their job's
software requirements
3. OpenOffice installed on all PC's, MS Office installed only where
required for 3rd party compatibility
Here's the scenario:
At the request of one of our departments I've installed some trial
software on one of our PC's running WinXP fully patched. It is a
stand-alone application which never accesses network resources except
for printing and package updates.
The software required the installation of a Microsoft Access 2000
runtime and the .net framework as well.
The most disturbing aspect of this process was that I had to give this
individual 'Full Control' permissions on the software's keys in the
registry which are actually in HK_LOCAL_MACHINE\SOFTWARE\...
This is not the way I was raised. I thought that non-admin windows
users should never have access to anything outside HKLM\CURRENT_USER .
Any comments? Can anyone cite security papers on the topic?
Thanks,
Dan Fleischer
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.