Windows Server Hacks: Disable "Run As"
Subject:   How does this help security?
Date:   2004-03-17 14:43:38
From:   mitchtulloch
Response to: How does this help security?

Defense in depth i.e. another layer of security. Power Users also have some administrative privileges and if you make some users members of the Power Users group and one of them should let their password be compromised, well...

Also, the whole idea of having RunAs available on an ordinary user's desktop machine is a bit dangerous. The idea is convenience i.e. an administrator can run a program on a user's machine to fix something without requiring the user log off first. Imagine if a trojan was running on the user's machine when you did this...

1 to 1 of 1
  1. Mitch Tulloch photo How does this help security?
    2004-03-18 12:01:23  Mitch Tulloch | O'Reilly Author [View]

1 to 1 of 1