Jump to content











Photo
- - - - -

Winbuilder and user account restrictions


  • Please log in to reply
13 replies to this topic

#1 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 27 August 2007 - 01:05 PM

I think that WinBuilder should be a program that can be fully used by admins only.
The resulting ISO on a CD could be used by everybody to crack the most secret folders of a disk.

Therefore for me it seems to be ok, if only Admins can create such an ISO.

Peter

EDIT by jaclaz:
This thread was splitted from here:
http://www.boot-land...?...ic=2940&hl=

#2 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 27 August 2007 - 01:21 PM

Maybe WinBuilder should startup asking for the secret admins handshake! :loleverybody:

#3 booty#1

booty#1

    Frequent Member

  • .script developer
  • 285 posts
  • Location:Near Frankfurt
  •  
    Germany

Posted 27 August 2007 - 01:35 PM

I think that WinBuilder should be a program that can be fully used by admins only.
The resulting ISO on a CD could be used by everybody to crack the most secret folders of a disk.

Therefore for me it seems to be ok, if only Admins can create such an ISO.

Sorry Peter but that argument is very strange from my point of view. What does WinBuilder more, compared to a Knoppix CD which can be dowloaded, burned and used by any simple user?

BTW: What secrets does a WinPE disc unlock?

booty#1

#4 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 27 August 2007 - 02:21 PM

Sorry Peter but that argument is very strange from my point of view. What does WinBuilder more, compared to a Knoppix CD which can be dowloaded, burned and used by any simple user?
BTW: What secrets does a WinPE disc unlock?

Please remember: I said 'regardless, ...'
I do not want to speak about Knoppix, BartPE, Reatogo etc.
My guess was that especially WinBUilder could be designed to be 'trustable'

Imagine:
In my company, I (a simple user) share a PC / network disk or similar with a collegue.
I want to read his private files on disk.
I build a BartPE CD, boot and can read everything.

Would be a nice attribute of WinBuilder to prohibit this.
(Of course, currently I can go to my home PC, wher I'm admin, build the WB CD there, and go back to my company's PC)

But this item should be worth to be discussed.
'WinBuilder does not help to do things you usually are not allowed to do'

What do you think?

Peter

#5 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 27 August 2007 - 02:39 PM

Would be a nice attribute of WinBuilder to prohibit this.


Something like this :loleverybody::

ECHO Are you going to use Winbuilder to read private files of your colleagues?
ECHO Please input YES or NO:
ECHO SET /P I_am_a_nosy_guy=
IF /I NOT %I_am_a_nosy_guy%.==NO. GOTO :EOF


Why not auto-sense through a web connection the location of the user and prohibit booting on Sundays (in Christian countries), on Saturday (Israel) or on Friday (Muslim countries)? :w00t:

:w00t:

jaclaz

#6 smiley

smiley

    Silver Member

  • .script developer
  • 905 posts
  •  
    Greece

Posted 27 August 2007 - 02:57 PM

What do you think?


It depends on the user on how he will use it

#7 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 27 August 2007 - 03:00 PM

Why not auto-sense through a web connection the location of the user and prohibit booting on Sundays (in Christian countries), on Saturday (Israel) or on Friday (Muslim countries)? :loleverybody:


Very interesting :w00t:
I'll check this!

I'm sure you can complete the sample list for diverse Indian religions, and for Buddists, etc. :w00t:

And we could - country depending - add union allowed working hours!

Peter

#8 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 27 August 2007 - 03:25 PM

Peter, how can someone who hates Vista, can come up with the idea of including trusted computing in XP? :loleverybody:

#9 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 27 August 2007 - 03:32 PM

Peter, how can someone who hates Vista, can come up with the idea of including trusted computing in XP? :loleverybody:


Oops :w00t:

#10 booty#1

booty#1

    Frequent Member

  • .script developer
  • 285 posts
  • Location:Near Frankfurt
  •  
    Germany

Posted 27 August 2007 - 07:16 PM

Peter, how can someone who hates Vista, can come up with the idea of including trusted computing in XP? :loleverybody:

An interesting interpretation of "trusted computing" - until now I had a different association with trusted computing (if you don't know it - watch it. Even if it is a bit outdated this animation film is great!).

The registry hives are loaded to a specific kernel memory area - I'm not sure how restricted is the access to this specific memory section but I remember reading some notes from russinovich where he mentions some of his tests.
It seems that hive files are loaded to memory and written back every 2 seconds whenever some of his hive sectors are marked as "dirty".
These details are better provided on a systernals guide. You can find the link on the raw registry discussion topic at the windows sub-forum here on boot-land.

Very interesting, I did not knew that. But please keep the following in mind:
1. Direct memory access requires always admin permissions
2. Direct memory access is nearly impossible in Vista (makes it a bit more difficult for rootkits to remain unseen).

booty#1

Edited by smiley, 27 August 2007 - 07:54 PM.


#11 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 27 August 2007 - 07:26 PM

How about limiting the daily use of each project to around 10 minutes per day? (my wife would surely like this one.. )

Not bad, as long as we are talking about "latin" 10 minutes... :loleverybody::)

....and we could also put up a central database to keep track of marriages (and divorces) of users...:w00t:

Seriously, but not much :w00t:, putting limits to the use of Winbuilder looks so "Microsoftish":
http://www.911cd.net...o...9355&st=134
:w00t:

jaclaz

#12 smiley

smiley

    Silver Member

  • .script developer
  • 905 posts
  •  
    Greece

Posted 29 August 2007 - 04:17 PM

Bump!

I have split the original topic so it is clearer

@Jaclaz: There are still some off topic posts here. Should they be deleted?

#13 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 29 August 2007 - 04:51 PM

@Jaclaz: There are still some off topic posts here. Should they be deleted?


No everything is fine, now.

Please PM me or post here that you have read this and I'll delete this and your last post(s).

jaclaz

#14 smiley

smiley

    Silver Member

  • .script developer
  • 905 posts
  •  
    Greece

Posted 29 August 2007 - 05:11 PM

Please PM me or post here that you have read this and I'll delete this and your last post(s).


You can delete it now :loleverybody:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users