[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    RE: [Full-Disclosure] W2k users, local admin rights and GPOs
From:       "Sergey V. Gordeychik" <gordey () infosec ! ru>
Date:       2003-10-30 10:52:04
[Download RAW message or body]


From: Exibar [mailto:exibar@thelair.com]

> What you do is first, delete the policies from the registry, then deny
>everyone (except for a locally created user) access to the policy key.
>You'll see the failures in the event log when a new policy attempts to
get >written.  Viola!  no more policies....

 But if I define registry keys permissions in GPO? It's works? Hm...
I'll try it.

One more question. Can any body provide examples of wide-used software
(client-side software I mean) which doesn't work without administrative
rights? 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]