Re: How safe is a "Limited" XP account?
From: Todd H. (comphelp_at_toddh.net)
Date: 02/24/05
- Next message: George: "Mystery icon on desktop"
- Previous message: Kerry Brown: "Re: System freezes, vertical lines"
- In reply to: John Brock: "Re: How safe is a "Limited" XP account?"
- Next in thread: André Gulliksen: "Re: How safe is a "Limited" XP account?"
Date: 24 Feb 2005 12:34:27 -0600
jbrock@panix.com (John Brock) writes:
> In article <m03bvmvqyv.fsf@ripco.com>, Todd H. <comphelp@toddh.net> wrote:
>
> >jbrock@panix.com (John Brock) writes:
>
> >> What bad things can happen to me while using a plain vanilla
> >> "Limited" Windows XP user account?
>
> >> In general I am interested in both likely and worst case
> >> scenarios. Any thoughts?
>
> >There are more secure OS's out there.
> >
> >What are your goals? What need motivates your questions?
>
> My motivation is very simple; I use a Limited account on my home
> XP system, and I want to understand how much extra security this
> buys me. I don't rely on it for security, and in fact I am quite
> paranoid about security -- I have a hardware firewall and anti-virus
> software, I have never used IE on this computer except to connect
> to microsoft.com for updates, and I read all my email via telnet.
Sounds like an excellent set of steps. Well, except the last one
where I hope you mean ssh instead of telnet. :-)
> So far I seem to have avoided any viruses or spyware. I am well
> aware that there are more secure OS's, and I'm appalled at how
> poorly Windows is designed in terms of security. Still, you process
> words with the computer you've got, and I just want to understand
> the one I've got as well as possible.
>
> I think my question really breaks down into two parts:
>
> 1) How well does the theoretical security provided by a Limited
> account hold up in practice? I.e., how hard is it in practice to
> "escalate privileges", and how long do bugs which allow this to
> happen go unfixed?
If you're using Windows, using a limited account is definitely better
than using a full priv account. It's decidedly not as strong as
using a UNIX user account simply because the security architecture is
not as robust as *NIX. However, if you're going to be using Windows,
a limited account is the best you can really do.

If you would like to take this security isolation one step further,
however, and still want to use Windows, you might consider running
Linux as your host operating system and getting a copy of VMWare
Workstation for Linux. Then, run Windows as one guest OS inside a
VMWare virtual machine. You could install two different Windows
virtual machines actually--one "clean" and one "dirty" and do risky
work in one, and trusted work inside the other. If you run a limited
account inside of there, you get even better protection. With this
virtual machine/VMWare method, most malware you encounter will at
least only be contained to that particular virtual machine, and will
leave the rest of your virtual machines unharmed.

Malware writers, however, are working on ways to break out of virtual
machines like this...but thus far, I don't think they're having a lot
of success.
> 2) How likely is it that a given piece of malware will be coded to
> try to escalate privileges if it finds itself running on a Limited
> user account, or even function effectively at all in this situation?
Again, it's hard to answer with hard numbers without a lot of
research, but I'd say that most malware is going after the low hanging
fruit of a default install where the user had admin priv's already.
As such, a limited account does buy you due diligence at the very
least.
> My impression is that most Windows users spend most of their time
> in accounts with Administrator privileges, so maybe most virus
> writers wouldn't consider it worth their effort to write code that
> deals with Limited accounts. Or maybe not. I don't know, hence
> my question.
I'd agree with your take.
> I do notice that when I see lists of recommendations for securing
> Windows PCs Limited accounts are often not even mentioned, and I've
> wondered why that is.
I think it's perhaps because they're new and unique to XP (at least in
the parlance "limited account.") Win2k and NT had similar constructs,
but the roles were something of default user, power user, and
administrator, and others.
> Maybe it's because some old or poorly designed software won't run
> properly, and because you can't install most software. Maybe it's
> assumed that the typical user can't be trusted to understand and use
> a Limited account. Or maybe it just doesn't add as much security as
> I think it does. Again, my question.
You've brought up a good point about limited, or non-administrative
accounts. From what I've read, there is a non-trivial amount of
software out there that doesn't work with them. :-\
Best Regards,
-- Todd H. http://www.toddh.net/