LUA Question

View previous topic View next topic Go down

LUA Question

Post by arran on 1/8/2010, 03:45

running windows xp home sp2 just trying out running on a Limited user account for the first time so I have little experience in this.

what I want to know is our security products MD and Sandboxie also running with limited rights hindering their ability to contain malware? I presume because they were installed prior to the windows account becoming a Limited user account that they would be running with admin rights?
avatar
arran
Member
Member

Posts : 41
Join date : 2010-05-09

View user profile

Back to top Go down

Re: LUA Question

Post by ssj100 on 1/8/2010, 03:51

No, there is no hinderance at all of running security products in a LUA. As far as I'm aware, services and drivers all run with "admin-level rights", particularly those that operate at kernel level. Although, why would they need to have "admin" rights anyway - it's not like MD or SB are required to install/uninstall or enable/disable services, programs, DEP (on the REAL system) etc?

And as far as I'm aware, there is absolutely no disadvantage security-wise of running as a LUA - there are only advantages and benefits.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: LUA Question

Post by arran on 1/8/2010, 09:40

Yea I have noticed that MD doesn't have full admin rights because it can't stop and start system services like it is meant to be able to.

ssj you say that there is advantages and benefits with running LUA, given the fact that you have sandboxie for all internet facing apps and SRP to prevent the execution of all other unknowns system wide what is the benefit of LUA?

also you have Surun in your sig which is used for to give certain app's admin powers, out of curiosity what do use that for?

avatar
arran
Member
Member

Posts : 41
Join date : 2010-05-09

View user profile

Back to top Go down

Re: LUA Question

Post by ssj100 on 1/8/2010, 11:31

arran wrote:Yea I have noticed that MD doesn't have full admin rights because it can't stop and start system services like it is meant to be able to.

Which is a good thing I would have thought - it removes the possibility that a malware process could hijack MD to stop and start system services.

arran wrote:ssj you say that there is advantages and benefits with running LUA, given the fact that you have sandboxie for all internet facing apps and SRP to prevent the execution of all other unknowns system wide what is the benefit of LUA?

Probably there is no (security) benefit haha. Although, as I mentioned to someone else recently, LUA simply provides another layer of system-wide defense for no added overhead etc:
http://www.sandboxie.com/phpbb/viewtopic.php?t=8691

arran wrote:also you have Srun in your sig which is used for to give certain app's admin powers, out of curiosity what do use that for?

I use it to run Starcraft 1 mainly (it won't work smoothly when run with limited rights, simply because it needs to write to C:\Program Files) - it's an old game released in the era where the idea of limited rights wasn't well known/applied in the Windows world.

Also, I sometimes use SuRun to defragment Windows while in my LUA (you can't defragment as a limited user) and to do other basic administrator tasks. Some people say you can also use it to install/unintall/upgrade programs while in LUA, although I personally don't (it just feels a little untidy). In fact, with SuRun, you arguably almost never have to log into your administrator account.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: LUA Question

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum