I think if the main design of any system was run as mortal and do runas for things that need more, you would have a system that by default, NEVER allowed interactive logon to an account that does more. Further it wouldn't let you change that code to allow it. Heck I would even take it further and say that the raised levels of access would be process only based, once that process completed, it would revert.
joe -- Pro-Choice Let me choose if I even want a browser loaded thanks! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, November 19, 2004 5:14 PM To: Crotty, Edward Cc: [EMAIL PROTECTED] Subject: Re: [in] Re: [Full-Disclosure] IE is just as safe as FireFox On Fri, 19 Nov 2004 13:12:31 EST, "Crotty, Edward" said: > I'm not a Win based guy (troll?) - Un*x here - and even I was offended by #1. > > There is such a thing as "runas" for Windows. Yes, but is *the main design* of the system "run as a mortal, and use the 'runas' for those things that need more"? Or is the *main design* "We'll just elect the first user as Administrator, and include 'runas' in case somebody wants to Do It The Right Way"? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
