Re: XML in IE 5.0

From: Jesper M. Johansson (jjohanssat_private)
Date: Wed Jan 19 2000 - 07:00:17 PST

Next message: Imran Ghory: "Re: MS IIS 5.0 Access Violation on handling URL String"

Previous message: bugtraqat_private: "Re: Microsoft Security Bulletin (MS00-005)"
Next in thread: Jesper M. Johansson: "Re: XML in IE 5.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> For Windows users, The MS guys gave an interesting talk at the NTBugtraq
>> Canada Day Party at Russ' house last year.  NT2000 will include a feature that
>> is similar to su on unix, which will allow one to have different windows open
>> as different users on the same box... I believe it's an extension of the
>> terminal server concept.  Anyway, once folks get NT2000, they should really
>> consider running their browsers as locked-down, non-priveledged users.
>>
>Except that user preferences are no longer stored as being owned by *that*
>user (roaming profile problems anyone ?), per-user disk cache usage isn't
>associated with the correct user, etc.  Can you really imagine 90% of
>Internet users being savvy enough to run a browser in an "su" window ?
>The other option here for M$ is to reinvent the setuid bit :->

What you are talking about is the Run As... feature. It works, reasonably well, to let you run the machine as a different user. There was an SU command in the Resource Kit for NT 4, but it did not allow you to run control panels as an administrator. The Run As... does (right click on them, select Run As...). Thus, you can use it to set permissions (from the command line of course), change the page file size, change the IP address (no reboot required!), manage users and shares, and other administrative tasks However, it is still severely lacking, compared to a *NIX su:

1. You cannot run an Explorer window as a different user. Nor can you get a new desktop in a different user context. I also would not recommend running your browser in that context. I have seen IE being run as an administrator spawn processes in user context. I would expect that the opposite could also happen. Run As... is designed for administrative tasks while logged on as a user. It is not designed to give you a functional OS as an administrator.
2. You cannot use it for most of the existing InstallShield installers. In many cases they fail to recognize the context properly and crash. In other cases, they appear to work properly, but some of the processes they spawn are spawned in a regular user context. In any case, it usually is abysmally slow, on the order of taking 5-15 minutes to bring up the installers window after it is launched

The Run As... is a nice feature, and a good bit better than the NT4 RK SU, but it is nowhere near a *NIX su yet, unfortunately.


Jesper M. Johansson

Next message: Imran Ghory: "Re: MS IIS 5.0 Access Violation on handling URL String"
Previous message: bugtraqat_private: "Re: Microsoft Security Bulletin (MS00-005)"
Next in thread: Jesper M. Johansson: "Re: XML in IE 5.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:29:07 PDT