[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Bypass user GPO in Windows Xp / 2003

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Bypass user GPO in Windows Xp / 2003
From: Espen <espen@xxxxxxxxxxxxx>
Date: Wed, 21 Dec 2005 15:29:47 +0100

Hi

I know how to disable this - thats not the problem. I just tought it was a bit strange that the GPO settings could be bypassed. We also discovered that GPO's where applied if the user had cached profile on the desktop - but could be bypassed again with the "runas /noprofile" option.

It can be turned off in several ways:

- there is a setting for it in the std. GPO templates.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
/HideRunAsVerb = 1/

- Disable the secondary logon process.
- set  acl's on the runas.exe

Espen
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Firewall (The Movie) - http://firewallmovie.warnerbros.com/cmp/trailer.html?id=trailer
Next by Date: Re: [Full-disclosure] Getting rid of n3td3v
Previous by thread: Re: [Full-disclosure] Bypass user GPO in Windows Xp / 2003
Next by thread: [Full-disclosure] Re: [Antisocial] Re: [Clips] Why Bush Approved the Wiretaps (fwd)
Index(es):
- Date
- Thread