[THIN] Re: Security risk

• From: "Beckett, William (Bill)" <WBECKETT@xxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Thu, 16 Oct 2008 07:34:23 -0400

Excellent. Thanks for the response Rick. I think our direction will be
the same as yours.

 

 

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Rick Mack
Sent: Thursday, October 16, 2008 7:24 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Security risk

 

Hi Bill,

 

The security risk is there, it isn't huge but it is giving non-admin
users a privilege that they would normally only have on the console
(session 0). 

 

But it's a difficult choice between making an application run for
non-admins and opening a small but not inconsequential hole in your
security. If it's any consolation, we've been assigning this privilege
to students in several schools (AutoCAD etc) and despite considerable
entrpeneurialism by the students it hasn't proven to be an embarassment.

 

regards,

 

Rick

 

-- 
Ulrich Mack
Quest Software
Provision Networks Division



 

On Thu, Oct 16, 2008 at 12:46 AM, Beckett, William (Bill)
<WBECKETT@xxxxxxxxxxxxx> wrote:

What is the inherent security risk with allowing access to "Create
Global Objects" within a citrix environment?

• References:
  • [THIN] Security risk
    • From: Beckett, William (Bill)
  • [THIN] Re: Security risk
    • From: Rick Mack

Other related posts:

• » [THIN] Security risk
• » [THIN] Re: Security risk
• » [THIN] Re: Security risk

1. Home
2. thin
3. Archive
4. 10-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---