[13533] in bugtraq
Re: Windows 2000 Run As... Feature
daemon@ATHENA.MIT.EDU (Seth R Arnold)
Mon Jan 24 19:26:16 2000
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000123152817.R579@willamette.edu>
Date: Sun, 23 Jan 2000 15:28:17 -0800
Reply-To: Seth R Arnold <sarnold@WILLAMETTE.EDU>
From: Seth R Arnold <sarnold@WILLAMETTE.EDU>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000121154906.A27510@pianosa.catch22.org>; from David Terrell
on Fri, Jan 21, 2000 at 03:49:07PM -0800
David, I believe the task scheduler included with IE 4.0 (and higher?) under
NT4.0 allows one to give a login and password that the task should be run
under. Also, in network properties dialog box, when adding the computer to
the domain, it asks for the name and password of someone with enough rights
to add computer accounts to the domain. Both of these are handled through
dialog boxes not invoked with ctrl-alt-delete.
<shrug>
On Fri, Jan 21, 2000 at 03:49:07PM -0800, David Terrell wrote:
> In all the hubbub over whether the semantic of the Run As... feature
> in Windows 2000, a much more important shortcoming is that this is
> the first time (I know of) that the system asks for your password
> through a mechanism other than the trusted path (ctrl-alt-del to
> login, ctrl-alt-del to change password). This is an unfortunate
> compromise in an otherwise useful feature.
--
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into
your ~/.signature to help me spread!
