Partager via

Year of the Least Privileged User

  • Article

G. Andrew Duthie asks: "Will 2005 be the year of Least Privilege?"

Scoble, seems to think that it won't be and I would probably have to agree. I do think that we all as individuals could help convert the community at large if we preach about it enough. The Computer Science Club at Grand Valley is giving a presentation next week to students about running as the least privileged user, we will also be giving each attendee a handout about how to reconfigured their computer and account to run as a least privileged user.

--Eric (Grand Valley State University)

Comments

  • Anonymous
    January 25, 2005
    The average user won't run with reduced privileges until that's the automatic default in the OS install. Period.

    I set up all the computers I do for family and friends that way (and for the particularly clueless among them I hoarde the password of the "Admin" user to myself) but even with me setting it up and doing all administrative tasks it's still a problem for them.

    (It would help if things like Windows Update and antivirus program auto-updates worked as limited users through some kind of magic... What the heck is with these automatic updates that require an EULA clickthrough and so aren't actually automatic at all, anyway?)
  • Anonymous
    January 26, 2005
    Eric,

    That's great to hear that you're providing folks with resources to use LUA. Every little bit helps.

    Stuart,

    Have you checked out Aaron Margosis' blog (http://blogs.msdn.com/aaron_margosis/)? One of his posts discusses how he sets up non-technical users' PCs for LUA, and his experience is that it's dramatically reduced the amount of support he needed to provide.

    I can certainly sympathize on some of the challenges LUA can present, but I really believe that if you use the techniques that Aaron describes (FUS in Windows XP, and/or his MakeMeAdmin utility), you can take most, if not all, of the pain out of LUA.
  • Anonymous
    February 04, 2005
    To make things even easier, I've set up a wiki to gather together all the useful information about running as LUA: http://nonadmin.editme.com