Windows Accounts and processes exploitation [closed] - windows

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Part 1- Do all processes and executables in Windows require an account to run and manage them? I was reading how the System account manages the core processes of the OS while service accounts and user accounts manage applications.
Part 2- If an application or process is exploited by any means, such as a buffer overflow, and a hacker receives a shell from the exploitation, will the shell be under the privileges of the account that was running the process?

I do not really understand your first question, but yes, all processes have an owner (so a 'user' account in some way...). System is just a particular user in Windows who can basically do anything.
Given a process X which has been run by USER_A, if you're USER_B and exploit the process X with a buffer overflow (or whatever), by controlling this process, you will be able to do everything USER_A can do, so if you launch a shell through the process X, you will have the rights of USER_A in this shell.
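Because a compromised process hands over the rights of its owning account, a useful defensive check is to see which accounts own the processes that accept network connections. The following is an added example, not part of the original answer; the function name `Get-ListenerOwner` is hypothetical, and it assumes an elevated PowerShell session on the machine being reviewed.

```powershell
# Added example: map each listening TCP port to its process and owning account.
function Get-ListenerOwner {
    # Index processes by PID once, instead of one query per connection.
    $procs = @{}
    foreach ($p in Get-CimInstance -ClassName Win32_Process) {
        $procs[[int]$p.ProcessId] = $p
    }

    foreach ($conn in Get-NetTCPConnection -State Listen) {
        $proc = $procs[[int]$conn.OwningProcess]
        if (-not $proc) { continue }   # process exited between the two queries

        # GetOwner fails without sufficient rights; report that instead of guessing.
        $owner = Invoke-CimMethod -InputObject $proc -MethodName GetOwner -ErrorAction SilentlyContinue
        $account = if ($owner -and $owner.ReturnValue -eq 0) {
            '{0}\{1}' -f $owner.Domain, $owner.User
        } else {
            '<unknown: run elevated>'
        }

        [pscustomobject]@{
            LocalAddress = $conn.LocalAddress
            LocalPort    = $conn.LocalPort
            ProcessId    = $conn.OwningProcess
            Process      = $proc.Name
            Account      = $account
        }
    }
}

# Listeners owned by SYSTEM give the broadest rights if the process is taken over;
# review whether each of them could run under a restricted service account instead.
Get-ListenerOwner |
    Sort-Object Account, LocalPort |
    Format-Table -AutoSize
```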

Related

How to make a Logon script secure in windows [closed]

Closed 7 years ago.
I have a logon batch script that runs a .reg file for all users when they log in. Here's my script:
@echo running
REGEDIT.EXE /S "C:\user_files\user.reg"
Now my concern is that the batch file itself is located in
C:\Windows\System32\GroupPolicy\User\Scripts
Every user has access to this directory, so anyone can change the batch file, which may cause a security threat. Is there a way to make it more secure? Or can I do something similar with PowerShell scripting so there's no batch file? If someone could point me in the right direction, that would be very helpful.
Your script needs to be readable by your users, but you can take away their rights to modify it -- that's a typical file system feature that every Windows since NT has (aside from Windows 9x, of course).
Hence, simply remove the write privileges from the user group in which your users are, and you're fine.
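To check whether write access has actually been removed, the ACLs can be audited for any non-administrative principal that can still modify the files. This is an added example, not part of the original answer; the function name `Get-UntrustedWriter` and the choice of trusted SIDs are assumptions, and it also covers `C:\user_files`, since the script imports the .reg file from there.

```powershell
# Paths from the question: the logon script directory and the folder holding the .reg file.
$targets = 'C:\Windows\System32\GroupPolicy\User\Scripts', 'C:\user_files'

# Principals expected to hold write access: SYSTEM, Administrators, TrustedInstaller.
$trustedSids = @(
    'S-1-5-18'
    'S-1-5-32-544'
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)

# Only the bits that allow changing or replacing a file (read/execute bits excluded),
# plus GENERIC_ALL and GENERIC_WRITE, which appear on inherit-only entries.
$rights    = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = [int]$rights -bor 0x10000000 -bor 0x40000000

function Get-UntrustedWriter {
    param([Parameter(Mandatory)][string[]]$Path)

    $items = foreach ($p in $Path) {
        Get-Item -LiteralPath $p -Force
        Get-ChildItem -LiteralPath $p -Recurse -Force
    }
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        # Ask for SIDs rather than names so the check works on localized systems.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            if ($rule.AccessControlType -ne 'Allow') { continue }
            if (([int]$rule.FileSystemRights -band $writeMask) -eq 0) { continue }
            $sid = $rule.IdentityReference.Value
            if ($trustedSids -contains $sid) { continue }
            [pscustomobject]@{
                Path      = $item.FullName
                Sid       = $sid
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    }
}

Get-UntrustedWriter -Path $targets | Format-Table -AutoSize
# One fix for the data folder (Administrators and SYSTEM full control, Users read/execute):
# icacls C:\user_files /inheritance:r /grant:r "*S-1-5-32-544:(OI)(CI)F" "*S-1-5-18:(OI)(CI)F" "*S-1-5-32-545:(OI)(CI)RX"
```

Rows for Users (S-1-5-32-545), Authenticated Users (S-1-5-11) or Everyone (S-1-1-0) mean ordinary users can still change what runs at logon.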

My Network UserID keeps getting locked out, but it isn't me. Where is my ID embedded? [closed]

Closed 8 years ago.
My network user id keeps getting locked out, but I'm not doing it. I'm positive no one is using it besides me, but it is embedded in various places, for example I have a local IIS instance that is using it. However, my ID was locked over the weekend & I wasn't working. I'm assuming that my id is embedded somewhere else with an old password. How can I find out where?
Scour the Windows Security event logs on the machines where you may have set up scheduled tasks or services to run as you. Or, if it's consistently happening, power down a machine and see if you still get locked out. If you do, it's not that powered-off machine; use the process of elimination that way (if possible).
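The search described above can be scripted per machine: list the services, scheduled tasks and IIS application pools configured with the account, then pull the failed logons recorded for it. This is an added example, not part of the original answer; `CONTOSO\jdoe` is a placeholder account, the three-day window is an assumption, and reading the Security log requires an elevated session.

```powershell
# Placeholder account name (assumption); replace with your own DOMAIN\user.
$account   = 'CONTOSO\jdoe'
$shortName = ($account -split '\\')[-1]

# 1. Services configured to log on as the account.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartName -like "*$shortName*" } |
    Format-Table Name, StartName, State -AutoSize

# 2. Scheduled tasks whose principal is the account.
Get-ScheduledTask |
    Where-Object { $_.Principal.UserId -like "*$shortName*" } |
    Format-Table TaskPath, TaskName, @{ n = 'RunAs'; e = { $_.Principal.UserId } } -AutoSize

# 3. IIS application pools using the account (only if the IIS module is installed).
if (Get-Module -ListAvailable -Name WebAdministration) {
    Import-Module WebAdministration
    Get-ChildItem IIS:\AppPools |
        Where-Object { $_.processModel.userName -like "*$shortName*" } |
        Format-Table Name, @{ n = 'RunAs'; e = { $_.processModel.userName } } -AutoSize
}

# 4. Failed logons (event 4625) for the account during the last three days.
$filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddDays(-3) }
$failures = foreach ($evt in Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue) {
    # Read the named fields from the event XML rather than relying on their position.
    $data = @{}
    foreach ($node in ([xml]$evt.ToXml()).Event.EventData.Data) {
        $data[$node.Name] = $node.'#text'
    }
    if ($data['TargetUserName'] -ne $shortName) { continue }
    [pscustomobject]@{
        Time        = $evt.TimeCreated
        LogonType   = $data['LogonType']
        Process     = $data['ProcessName']
        Workstation = $data['WorkstationName']
        SourceIp    = $data['IpAddress']
    }
}
$failures | Sort-Object Time | Format-Table -AutoSize
```

In the 4625 output, logon type 5 points at a service, type 4 at a scheduled (batch) task, and type 3 at a network logon such as a mapped drive.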

Can having many windows accounts slow down your computer? [closed]

Closed 8 years ago.
I know that every account uses some space, but besides that, does it slow down the computer in some other way?
I have Windows 7.
The only way it would impact performance (other than the disk space as you mentioned) is if more than one user is logged on to the machine at the same time, like when a "Switch User" is done, which pushes all User A's running processes (using RAM and CPU) to the background essentially so the new User B can then log on.

Find the owner shell for a process [closed]

Closed 9 years ago.
How can I find which shell owns a process?
It is useful as I have a server with multiple logged-in users and a few long-running processes, and I want to know which users I can force to log out without stopping their started jobs.
The output of ps reports a TTY, but it is not useful, as even after disowning a job, its TTY remains the same. So how can I find out whether a user disowned/nohuped their started processes?
You can't find the “owner shell” in the sense you're describing, because there's no such thing. You can find the parent process, which may be a shell; but you can't know whether the shell disowned the job, because that operation is purely internal to the shell.
What you should really do is instruct your users to start long-running programs inside Screen or Tmux. These are somewhat complex programs, but for basic use, they are very simple.
Start a Screen session by running the command screen.
You can run commands inside that session, and they'll keep running even if you log out.
If you want to log out with a command still running, disconnect from the Screen session by typing Ctrl+A D.
To reconnect to an existing Screen session, run screen -rd.
If you exit the shell inside a Screen session, the session exits.
You could perhaps make a wrapper script around long-running processes that starts screen automatically.

How do you prevent access to the 'calculator' interface on a particular OS [closed]

Closed 7 years ago.
How do you prevent access to the 'calculator' interface on a particular OS (say Windows). We would want to avoid usage of calculators while taking an online quiz at the site. Is this even possible?
If you're talking about through a purely web interface, then no. In order to do this, you would have to be able to monitor running processes, which is something a web app can't do. It would be too big a security risk.
If you control the machines (they're on your network, in a classroom where you can load and restrict the software, etc.), you could write a program to monitor and shut down the processes. For example, a .NET application could use the System.Diagnostics.Process object to monitor for instances of calc.exe.
A standard executable could do it, but not a web app.
Edit Added
There may be other alternatives if you control the PCs in question. Most corporate IT shops use some sort of monitoring software that will detect the use of "Unauthorized" programs. (I got busted for launching Solitaire once.) That would be more of a question for ServerFault.com, however.
Do you think it would be a good idea if websites were able to stop executables running on remote computers? Think about this seriously for a second, the security/privacy implications this would have.