[THIN] Re: Security risk

• From: "Rick Mack" <ulrich.mack@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Thu, 16 Oct 2008 21:24:18 +1000

Hi Bill,

The security risk is there, it isn't huge but it is giving non-admin users a
privilege that they would normally only have on the console (session 0).

But it's a difficult choice between making an application run for non-admins
and opening a small but not inconsequential hole in your security. If it's
any consolation, we've been assigning this privilege to students in several
schools (AutoCAD etc) and despite considerable entrpeneurialism by the
students it hasn't proven to be an embarassment.

regards,

Rick

-- 
Ulrich Mack
Quest Software
Provision Networks Division



On Thu, Oct 16, 2008 at 12:46 AM, Beckett, William (Bill) <
WBECKETT@xxxxxxxxxxxxx> wrote:

>  What is the inherent security risk with allowing access to "Create Global
> Objects" within a citrix environment?
>

• Follow-Ups:
  • [THIN] Re: Security risk
    • From: Beckett, William (Bill)

• References:
  • [THIN] Security risk
    • From: Beckett, William (Bill)

Other related posts:

• » [THIN] Security risk
• » [THIN] Re: Security risk
• » [THIN] Re: Security risk

1. Home
2. thin
3. Archive
4. 10-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---