Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program didn’t work well without administrator priviliges. Giving the account full administrator priviliges all the time was not an option and try as I might, I couldn’t find the right program directory to give expanded permissions that would solve the issue.
Now, YES there are newer versions of creat-a-card gold, but none seem well reviewed. In fact, some of the reviews I’ve seen are along the lines of “stick with version 5″. So, that wasn’t a great choice either. Finally, I created another user that I gave administrator priviliges to. Then used the “run as” function to run that program as this “new” more priviliged user. I gave the user the same password as the limited user account so that she would only have to type in her password again when the program ran.
Now, I’ll admit, it isn’t pretty (the password prompt is a big black command window.) But, it works. I essentially made a batch script (command script) that’s on the desktop that has one line….
runas /user:priviliged “c:program filespathtocreate-a-card-gold.exe”
The big black window pops up asking for the password and then things work as normal after that.
YES, this could introduce vulnerabilities. A user could modify the script to “runas” that user for another program, or use that program to save files in an area that they aren’t normally allowed to. This can compromise a tight setup. That much said, in this situation it was a compromise for a legacy application that could be made without giving an “all the time” administrator login.
There was another problem though – how to keep that new user from showing up in the login screen?
Related PostsRelated Posts
- Remote Tech Support using VNC (Ultravnc SC and x11vnc+wrapper script) Ok, some time back I'd done a writeup on UltraVNC SC, which is a nice customizable (windows version) VNC server that essentially let's someone doing remote support build their own downloadable .exe that runs and automatically tries to make a direct connection to a "listening" vnc viewer. It's good for......
- Remote tech support with anything - would I do it? I've tried to ask myself if I'd trust someone enough to let them run a remote session on my own desktop to solve a problem. I think the answer is "it depends". If you think about it, I do tech support for home users quite a bit and they let......
- Possible Windows Scheduler local privilige escalation Sans has a writeup on Windows local privilige escalation using the Windows scheduler and among other things it might be worth starting out by saying that typically, only Administrative group users in Windows XP are allowed to access the Windows Scheduler. However, I have read reference of some installs that......
- Triathlon Training 101 Given your background, do you know which triathlon training program is going to be ideal? Where does one even get started? We all come from vastly different injuries, backgrounds, genetics and so on and so forth, so there is no one size fits all solution to planning for a triathlon......
- Download the Google Chrome OS Virtual Machine Last week, Techcrunch reported rumors of the release of the Google Chrome OS. They stated that the info came from a reliable source, and indeed that source was reliable. Google had an event at their headquarters, and indeed provided new details and a demo of the Chrome OS. The......
- Lending Club Clarifies Referral Program at P2P No Bank Forum After my gripes I will reproduce the post on p2p no bank post in entirety...Â User must sign up in the same session...Â Amazon, EBay, Prosper, and many many more affiliate programs have a cookie that lasts 30 days. Any page of the lending club website (including the blog if......
- Hiding a user from the Welcome screen in Windows XP
- Epson Perfection 1650 scanner and Windows XP Limited User account
- Possible Windows Scheduler local privilige escalation
- Windows XP lost administrators password
- Administrative access on linux systems