Robert Hurlbut Blog

Thoughts on Software Security, Software Architecture, Software Development, and Agility

Least-Privileged Incompatibilities research

Monday, February 14, 2005

 .NET  Security 

Last year, I answered some questions for a Microsoft Research project about running as non-administrator and the obstacles I have found in using various Windows applications. Susan Bradley is pointing to the final paper of this research project entitled "A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities". Skimming through, it looks to be an interesting read.

The bottom line is what Susan mentions as the goal of the document:

“Most Windows users run all the time with Administrator privileges, equivalent to root privileges on a UNIX system. The possession of Administrator privileges by every user significantly increases the vulnerability of Windows systems. For example, simply compromising a user network service, such as an instant messaging client, provides an attacker complete control of the system. We address this problem by making it easier to develop applications that do not require Administrator privileges, thereby decreasing the inconvenience of running without Administrator privileges. To this end, we present a novel tracing technique for identifying the reasons applications require Administrator privileges (which we refer to as least-privilege incompatibilities). Our evaluation on a number of real-world applications shows that our tracing technique significantly helps developers fix least-privilege incompatibilities and can also help system administrators mitigate the impact of least-privilege incompatibilities in the near term through local system policy changes.”

Anything that helps developers meet the goal of developing software with the Limited User in mind is a welcome addition!
