Running a browser as a restricted user

Red Squirrel

Having read up on the latest attacks on AT and the hijacks, I was thinking, would running a browser as a restricted user help prevent hijacks? Or do these simply bypass permissions and attack at a lower level?

Basically this user would have "deny all" pushed throughout the file system, and only the files required for Firefox to run would be allowed.

Running as a restricted user could have some merit, but who actually does this on a home PC? You can barely do anything without constantly having to do run as, not to mention your profile can still be infected.
 

mechBgon

Yes, running the browser as a RU will stop a lot of mainstream stuff. The bad guys will adapt to the non-Admin environment as time goes by (so says Mark Russinovich of Sysinternals fame), but for stuff to put down the most serious type of roots, Admin powers will be needed.

Running as a restricted user could have some merit, but who actually does this on a home PC? You can barely do anything without constantly having to do run as

I run as a low-rights user all the time, and have for years. I've set some home users up that way too, and actually they manage fairly well for the most part. A poll in AT's Operating Systems forum 3-4 years ago showed that about 1/3 of the voters were using low-rights accounts on Windows at that point, so it might be more common here than you expect.

, not to mention your profile can still be infected.

Hence the introduction of Windows Integrity Control and Protected Mode with Vista.
 

balloonshark

With Vista or Windows 7 people should be running as a standard user. I have an unopened Win7 box and I wouldn't have given MS a nickel if I couldn't have run daily as a standard user.

In the past I used DropMyRights to lower the rights of my internet-facing apps. I'm not sure how much it helped but it wasn't much work and didn't use any resources.

http://cybercoyote.org/security/drop.shtml
http://msdn.microsoft.com/en-us/library/ms972827.aspx

I've been using Sandboxie and it now has a Drop Rights feature as well as the ability to control which apps can run and/or have internet access in the sandbox. http://www.sandboxie.com/index.php?RestrictionsSettings

Online Armor HIPS/firewall has the RunSafer feature which is similar to DropMyRights. http://www.tallemu.com/webhelp3/KF-RunSafer.html
 

Red Squirrel

Actually another thing I was thinking of, in a Linux environment, could you run a browser in a chroot jail? That should essentially protect from any possible exploit, right? Most exploits are targeted at Windows, but let's assume there were a lot targeted at Linux too.
 
