[13505] in bugtraq
Windows 2000 Run As... Feature
daemon@ATHENA.MIT.EDU (David Terrell)
Sun Jan 23 18:25:48 2000
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000121154906.A27510@pianosa.catch22.org>
Date: Fri, 21 Jan 2000 15:49:07 -0800
Reply-To: David Terrell <dbt@meat.net>
From: David Terrell <dbt@MEAT.NET>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In all the hubbub over whether the semantic of the Run As... feature
in Windows 2000, a much more important shortcoming is that this is
the first time (I know of) that the system asks for your password
through a mechanism other than the trusted path (ctrl-alt-del to
login, ctrl-alt-del to change password). This is an unfortunate
compromise in an otherwise useful feature.
--
David Terrell | dbt@meat.net
Prime Minister, Nebcorp Inc | http://wwn.nebcorp.com/
