[Full-disclosure] Bypass user GPO in Windows Xp / 2003
Espen
espen at espen.mine.nu
Wed Dec 21 14:29:47 GMT 2005
Hi
I know how to disable this - thats not the problem. I just tought it was
a bit strange that the GPO settings could be bypassed.
We also discovered that GPO's where applied if the user had cached
profile on the desktop - but could be bypassed again with the "runas
/noprofile" option.
It can be turned off in several ways:
- there is a setting for it in the std. GPO templates.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
/HideRunAsVerb = 1/
- Disable the secondary logon process.
- set acl's on the runas.exe
Espen
Full-Disclosure is hosted and sponsored by Secunia.