Re: Disable programmatically the "Fast User Switching"
From: Viviana Vc (vcotirlea_at_hotmail.com)
Date: 05/04/04
- In reply to: Tim Robinson: "Re: Disable programmatically the "Fast User Switching""
- Next in thread: Ivan Brugiolo [MSFT]: "Re: Disable programmatically the "Fast User Switching""
- Reply: Ivan Brugiolo [MSFT]: "Re: Disable programmatically the "Fast User Switching""
Date: Tue, 04 May 2004 11:06:18 +0200
As I read from the NGs the Cisco VPN client, PCAnywhere and Client
Services for Netware are doing the same ... They probably also have a
reason for this ...
Also if you look at:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAnPQpmkc/vBG8Jfb3ldblgcKAAAAQAAAApHIMXER7Y0e2bLmfbZMqcAEAAAAA%40012.net.il&rnum=1&prev=/groups%3Fq%3Dkill.exe%2B%2522Fast%2BUser%2BSwitching%2522%26ie%3DUTF-8%26oe%3DUTF-8%26hl%3Den
you'll see that somebody complained to MS about some security issue and he
posts there the answer from MS:
"[...]
Its focus is on this separation of settings to provide personalization, it is not
explicitly designed to provide complete security separation of users. It
does not make any promises about explicitly keeping sessions secure from
each other.
[...]
However, given the consumer oriented usage scenario for FUS, it is
likely that there is a very high degree of trust between each user, as
they will be part of the same household etc.
[...]"
So, in my application case I have MyProxy that is listening on a port
and the email clients that connect to MyProxy. Now, MyProxy is started
for each user with its specific settings. If user A logs in he will have
MyProxy running with the settings for user A. For the FUS scenario I could
think about 2 scenarios:
- when user B logs in by FUS-ing from user A, MyProxy for user A could
be killed and MyProxy for user B could be started on the same port as
MyProxy of user A that was just killed. But the email clients for user A
might still be opened and they will connect to MyProxy of user B which
is a security problem. I could of course check in MyProxy that the
connection is coming from the Active Session, and refuse the other
connections, but in this case user A can have an exploit to use user B's
MyProxy by somehow faking the session ID.
- when user B logs in, MyProxy will start on another port than user A's
MyProxy. Again B could exploit the MyProxy of user A if he knows the
port where MyProxy for user A is running.
And yes, MyProxy has to be started with the settings of a specific user.
I won't get into details, but MyProxy cannot serve 2 different users at
the same time.
So, because my product is a security product I cannot just assume that
the people that are using FUS trust each other ...
Thanks,
Viv
On Mon, 3 May 2004 18:10:45 +0100, "Tim Robinson"
<tim.at.gaat.freeserve.co.uk@invalid.com> wrote :
>Viviana Vc wrote:
>>>> I would like programmatically to disable "Fast User Switching"
>>>> (FUS).
>>>
>>> Why? I, for one, would write numerous flames to the trade press
>>> about your application if I installed it and discovered that it had
>>> disabled FUS.
>>
>> Because I read on newsgroups that FUS should be used between people
>> that trust each other as it's not that safe from the security point
>> of view. As my app is security related I would like to have this
>> option ....
>
>Regardless of how safe FUS might be (got any firm evidence? The separation
>between FUS sessions is much greater than the separation between programs
>within a session), your program will also fail on a Terminal Server system.
>Fast User Switching is a special case of Terminal Services. I would hope
>that a lot of your potential users would be very upset if you broke their
>terminal server.
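
The per-session check raised in the message above (a per-user local proxy refusing connections that do not come from its own session), as an added example that is not part of the original post or of any product's code. It assumes the rows were read from the operating system's TCP table (on Windows, `GetExtendedTcpTable()` returning `MIB_TCPROW_OWNER_PID` rows) and the session ids from `ProcessIdToSessionId()`; the struct names, pids and ports below are constructed stand-ins so the decision logic runs offline.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed stand-in for one row of the OS TCP table. On Windows the same
   fields are in MIB_TCPROW_OWNER_PID, returned by GetExtendedTcpTable().
   Addresses and ports are kept in host byte order here for readability. */
struct tcp_row { uint32_t local_addr;  uint16_t local_port;
                 uint32_t remote_addr; uint16_t remote_port; uint32_t pid; };

/* Constructed stand-in for ProcessIdToSessionId(): pid -> session id. */
struct pid_session { uint32_t pid; uint32_t session; };

#define LOOPBACK 0x7F000001u   /* 127.0.0.1 */

enum verdict { ACCEPT = 0, REFUSE_NOT_LOCAL, REFUSE_UNKNOWN_PEER,
               REFUSE_OTHER_SESSION };

/* Decide whether an accepted connection belongs to the proxy's own session.
   peer_addr/peer_port: the client's endpoint as returned by accept().
   Every uncertain case is refused (fail closed). */
enum verdict check_peer(const struct tcp_row *tbl, size_t n_rows,
                        const struct pid_session *map, size_t n_map,
                        uint32_t peer_addr, uint16_t peer_port,
                        uint16_t listen_port, uint32_t my_session)
{
    if (peer_addr != LOOPBACK)
        return REFUSE_NOT_LOCAL;       /* only local clients can be looked up */
    for (size_t i = 0; i < n_rows; i++) {
        const struct tcp_row *r = &tbl[i];
        /* The client's row has ITS endpoint as local and ours as remote. */
        if (r->local_addr != peer_addr || r->local_port != peer_port ||
            r->remote_addr != LOOPBACK || r->remote_port != listen_port)
            continue;
        for (size_t j = 0; j < n_map; j++)
            if (map[j].pid == r->pid)
                return map[j].session == my_session ? ACCEPT
                                                    : REFUSE_OTHER_SESSION;
        return REFUSE_UNKNOWN_PEER;    /* owner exited or cannot be queried */
    }
    return REFUSE_UNKNOWN_PEER;        /* no matching row: do not guess */
}

/* Constructed sample: user A in session 1 (pid 1200 = mail client),
   user B in session 2 (pid 3400 = mail client), proxy listening on 8110. */
static const struct tcp_row SAMPLE_TABLE[] = {
    { LOOPBACK, 8110,  LOOPBACK, 50001, 900  },  /* proxy side of A's conn */
    { LOOPBACK, 50001, LOOPBACK, 8110,  1200 },  /* A's mail client */
    { LOOPBACK, 50002, LOOPBACK, 8110,  3400 },  /* B's mail client */
};
static const struct pid_session SAMPLE_MAP[] = { {900, 1}, {1200, 1}, {3400, 2} };
```

The lookup has to be done while the accepted connection is still open, because a client port can be reused by another process once the connection closes.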