I believe they are referring to "Power users"
Alexander Suhovey wrote:
http://www.threatcode.com/testing.htm
I was scrolling through article when I stumbled upon following text that (as
I understand) QB2004 displays for LUAs:
"Your user account for Windows was created with Restricted access to system
resources. This will prevent QuickBooks from operating properly. Please
contact your system administrator and ask him or her to grant you Standard
user rights."
Whatta... What a FUD. So they just lie to user so he goes to admin and asks
"Why oh why didn't you give me even Standard user rights?!" Can somebody
explain the "Standard user rights" concept? Never heard about it but
"Standard user" sounds equal to LUA for me.
Oh, you mean, Administrator? Why didn't you say so then?!
I wonder how Intuit managed to get away with such statements in their
software.
--Al
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS
Rocks [MVP]
Sent: Sunday, March 19, 2006 10:12 AM
To: [email protected]
Subject: Re: [ActiveDir] OT: Hacking up QB to run under user rights (the
official Intuit answer)
http://www.threatcode.com/testing.htm
You'll love this.. their "official" instructions are wrong. Obviously
no one runs LUAized around there to test this.
Crawford, Scott wrote:
I agree. You're doing a great job. If we could just implement public
flogging, I think we could get there sooner :)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Friday, March 17, 2006 11:03 AM
To: [email protected]
Subject: Re: [ActiveDir] OT: Hacking up QB to run under user rights (the
official Intuit answer)
www.threatcode.com
"WE" push them. That's how it gets done.
Crawford, Scott wrote:
That is awesome. Now why can't all vendors do that? If they're gonna
write insecure apps, at least tell us how to minimize the risks.
What's
the point in every customer figuring it out for themselves? That's a
lot more total time spent than if they'd just do it once.
What would be even better is if they'd get even more granular in their
permissions and deny access to .exe's and other potentially harmful
files. I'm sure users don't need full access to ALL files under
Intuit.
This leaves the possibility open that a bad guy (process) could modify
QuickBooks.exe to attempt to load a keylogger. Next time an admin runs
that program, bye bye computer.
Oh well, better than nothing :)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Thursday, March 16, 2006 6:08 PM
To: [email protected]
Subject: [ActiveDir] OT: Hacking up QB to run under user rights (the
official Intuit answer)
Message: "User Access Rights Problem: Windows XP and Windows 2000 users
must have Power Users or Administrator group rights...":
http://www.quickbooks.com/support/faqs/qb2006/a4edfd81.html
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
