[Full-Disclosure] W2k users, local admin rights and GPOs

[Sergey V. Gordeychik]

From: Exibar [mailto:exibar at thelair.com]

> What you do is first, delete the policies from the registry, then deny
>everyone (except for a locally created user) access to the policy key.
>You'll see the failures in the event log when a new policy attempts to
get >written.  Viola!  no more policies....

 But if I define registry keys permissions in GPO? It's works? Hm...
I'll try it.

One more question. Can any body provide examples of wide-used software
(client-side software I mean) which doesn't work without administrative
rights?