Zero3 schrieb: > Matthew Toseland skrev: >> RUNNING AS A DEDICATED USER >> ==================== >> >> At least one user saw his XP login screen changed as a result of Freenet >> adding a user to run under. A number of users complained about it, or gave >> it >> as a reason for uninstalling. We have discussed it at length and I really >> don't see much alternative on Windows due to permissions problems ... >> > > Throwing in a question here: What are the reasons for running as our own > user compared to LocalService/NetworkService/LocalSystem? What kind of > permission problems does the normal service accounts give us (any we > can't fix with cacls?). If any at all? Does anyone know?
One reason i can think of: Local System has all rights on windows, so you would run freenet as admin/root. One exploit and the attacker has full access to everything. With a seperate restricted user, the attacker only gets limited access and has to break another door before he can get in. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 315 bytes Desc: OpenPGP digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20090103/edbfc7ef/attachment.pgp>
