UAC whitelist

  • Thread starter Thread starter anySmarterIdrunLinux
  • Start date Start date
A

anySmarterIdrunLinux

Is there a way to grant an applicatoin the right to execute now and forever
more? An app that I use 3,4,10,15 times a day triggers an UAC prompt. I
understand that the app should be written in a different manner so that it
does not need Admin rights. Until it is re-written, I do not want to be
prompted __EVERY__ time i launch it. Is this possible?

Since I think I already know the answer (but I am wrong far more than I
would like to admit which is why i am posting), Why not???

and to answer the first 3 arguments against: 1) I don't care that the app
should be written differently. It is not written differently now, and I need
to run it now. 2) It's not really a security hole to whitelist an app(s) -
UAC is still running. Firewall is still running. User is still a least
priveledge account, etc. 3) i haven't thought far enough to have 3 counter
arguments.

Can someone explain to MS the value in grannular configuration? 'Configure
UAC' should have a few more options than Turn On / Off.

Thanks for all of your help and feedback.

Matt
 
Unfortunately, there is no way to have a specific app silently elevate while
leaving UAC enabled for all other administrative apps. I do feel your pain
here -- I bounce off the elevation prompt many times a day. I just learned
to quick hit ALT+C whenever it's coming up. There's plenty of websites that
give instructions on how to turn UAC off, if it's really ruining your day.

Although it doesn't seem like that's a security hole, it actually can be.
Security is a 'weakest link' game. If a program has a "golden ticket" to run
elevated, then the system's security is only as strong as that app is -- and
most apps aren't written in such a way as to be strong against subversion by
other apps. Suppose mmc.exe (the Microsoft Management Console - open the
Start menu, right-click on 'Computer' and choose 'Manage') were automatically
quietly elevated every time. Then a bad guy would just have to figure out
how to run it from the command line; or to ask it to open a malformed .mmc
file that causes it to crash exploitably.
 
If a program has a "golden ticket" to run elevated,
then the system's security is only as strong as that app is
and most apps aren't written in such a way as to be strong against
subversion by
other apps. Suppose mmc.exe (the Microsoft Management Console - open the
Start menu, right-click on 'Computer' and choose 'Manage') were
automatically
quietly elevated every time. Then a bad guy would just have to figure out
how to run it from the command line; or to ask it to open a malformed .mmc
file that causes it to crash exploitably.

Do you think that the prompt for elevation is a more secure way to avoid a
bad guy program running?
What prevents a "bad guy" program to patch a "normal" program, then asking
for running the "normal" program in an elevated mode ?
If an integrity check was done and failed, then prompting the user to
require a specific action would be meaningfull.
I don't see UAC doing a crc check or whatever mechanism to be assured that
the "normal"program had not been patched by a bad guy. actually an user can
accept to run in an elevated mode a program that is supposed to be a "safe"
one ?
A white list, associated to a crc check (or whatever mechanism to check
integrity) is, in my mind the way to acchieve this goal without endless
prompting the user for anything.

Regards
 
Thanks for the reply. I understand your comment about the dangers of
'whitelisting' an application, but have to disagree in pricipal. A user that
keeps a .txt file on the desktop called 'passwords.txt' might also try to
whitelist system control programs, scripts, etc. You can't help them anyway.
But a 3rd party app, that is not on every computer, cannot be manipulated if
the system itself has not already been comprimised.
 
Thanks for the reply. I understand your comment about the dangers of
'whitelisting' an application, but have to disagree in pricipal. A user that
keeps a .txt file on the desktop called 'passwords.txt' might also try to
whitelist system control programs, scripts, etc. You can't help them anyway.
But a 3rd party app, that is not on every computer, cannot be manipulated if
the system itself has not already been comprimised.
 
Thanks for the reply Jeff. But i have to disagree in pricipal. _MAYBE_ you
could make an argument for not allowing core MS utilities from being
'whitelisted', but if an admin is that lazy, then I say let them go. you
can't stop them from saving 'passwords.txt' on their desktop either.

But we're talking about 3rd party applications - not standard packages. In
order for a non-standard application to be comprimised, the system would
already have been comprimised. So all we're left with is a PITA.

As mentioned by Olivier - combine a whitelist with a CRC check - MS are you
listening? SP2 maybe???

thx again
 
I guess Vista helps in more ways than i knew. Sorry for the duplicate posts...
 
Back
Top