On Tue, Aug 18, 2009 at 10:50 AM, James Rankin<[email protected]> wrote: > Can they kill the process if another user account started it (especially one > higher up the food chain)?
By default, regular users cannot kill processes owned by other users; admins can kill any process. You could probabbly apply an ACL that denies admins the ability to directly kill a process, but I expect admins would retain the right to seize ownership and change the ACL back (same as for NTFS). Since people are already killing the process contrary to company wishes, I don't see why they wouldn't proceed to changing the ACL, too. I suppose it might suffice if the users know *just* enough to kill a process, but not about ACLs. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
