Prev: Rogue virus again?
Next: Passwords
From: Brent on 8 Mar 2010 14:26
Hi,

We have set up a single windows host with several accounts on it. Each user
connects via Remote Desktop with their account is allowed to perform client
side type of work including browsing the internet and internal internet
applications. Some of these applications contain Active X controls.

Since we do not give each user local admin privileges as we do not want them
installing any application that would conflict with other users on the box,
however, we feel that allowing them to download and install safe active x
controls from our internal applications would be ok.

Is there a way to set this sort of permission up? Can we trust certain
domains that allow full active x installation assuming that they come from
those domains?

Thanks!


--
Thanks!
From: Anteaus on 9 Mar 2010 03:08

I understand this may be possible with IE8. However, it largely defeats the
purpose of limited-user working since activex malware is one of the biggest
risks associated with IE.

An alternative might be to roll-out the activex code using an
install-tracker such as InstallRite. If the package is installed as admin
this should overcome the problem. http://epsilonsquared.com

Basically, the coders need a kick in the pants, and to be told to stop using
practices which demand a nil-security computer.

"Brent" wrote:

> Hi,
>
> We have set up a single windows host with several accounts on it. Each user
> connects via Remote Desktop with their account is allowed to perform client
> side type of work including browsing the internet and internal internet
> applications. Some of these applications contain Active X controls.
>
> Since we do not give each user local admin privileges as we do not want them
> installing any application that would conflict with other users on the box,
> however, we feel that allowing them to download and install safe active x
> controls from our internal applications would be ok.
>
> Is there a way to set this sort of permission up? Can we trust certain
> domains that allow full active x installation assuming that they come from
> those domains?
>
> Thanks!
>
>
> --
> Thanks!
 | 
Pages: 1
Prev: Rogue virus again?
Next: Passwords