News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Install program in a limited user account

Started by Magnum, November 23, 2010, 08:38:45 PM

Previous topic - Next topic

Magnum

I found this in a newsgroup.

It sounds a bit disturbing.

How can you defend against this?

Andy

(At the Senior Center)



Such programs get round the difficulty of needing Admin rights to modify
the contents of the %ProgramFiles% folder PLUS the equally problematic need
for Admin rights to write to certain parts of the registry.  How they do it
is by installing to a folder within the %USERPROFILE% folder (where a
limited user has "full access") and changing where in the registry they
write their settings to... (for instance, instead of needing Admin rights
to access HKCR\....\etc.,  equally effective is to write instead to
HKU\Software\Classes\.....\etc.,).

In this way, certain program installations CAN be setup by a limited user,
in the way described here.

(An example of such a program that use these techniques is the "torrent"
download app "VUZE" which can be installed without logging on as Admin or
using any form of "runas" command).
Have a great day,
                         Andy