|
Posted by Roger Abell on June 22, 2005, 6:57 am
Please log in for more thread options
I have not looked into case in W2k3. This has historically been the case,
meaning that if you look into the user token for System you will see the
Administrators SID.
You explaination as to why it would be a concern seems to be going
backward. What does it matter if Administrators members need to
have that right explictly granted to them relative to System also being
treated in the binaries so that it will always pass a test for grant to
Administrators or to System ??
--
Roger Abell
Microsoft MVP (Windows Security)
> I hope that is incorrect simplification: administrators by default don't
> have a privilege to act as a part of the system (which is required to
switch
> security context - - although admins can grant the right themselves) and
> existence of hidden accounts would be a matter of concern.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> > I have seen MS docs stating the System is a "hidden member"
> > of Administrators.
> >
> > --
> > Roger Abell
> > Microsoft MVP (Windows Security)
> >
> > > Colleagues,
> > >
> > > Is local system account member of local Administrators group?
> > >
> > > Thank you very much and best regards,
> > >
> > > Peter
> > >
> > >
> >
> >
>
>
| 
XML Sitemap