7im wrote:Really? That entry has helped many people.
If that WIKI entry is so bad, feel free to point out where the info is wrong, and I will have the WIKI updated.
1. It has you activate the disabled Administrator account.
That account was deactivated for a reason.
Link
That account has UAC disabled on it by default making it a security liability.
Furthermore there is no reason to activate this account to do this.
2. It instructs the users to set fah.exe to always run as Administrator.
That is just poor overall security. fah talks to the outside world via a port, which opens it up to the possibility of a remote priviledge escalation attack.
You don't mount screen doors to submarines.
Link
3. It informs the user that if they want to install it to Program Files, that they'll need to do the always run as Admin trick or disable UAC.
Why not just tell them to change the NTFS permissions of Program Files while you're at it?
4. Alternate Method 1. Finding explorer.exe and elevating it to Admin does not work unless you are already in an account with Admin priviledges.
Link
That blog post gives a "hack" that will make it work for those who are not. Do me a favor and don't put that on the Wiki.
5. Alternate Method 2, bullet 3. An Admin elevated instance of Command Prompt puts you into System32, not Users.
Of the methods listed this seems to be the "cleanest" as it elevates up once, installs, and then drops back down to standard.
You make no mention if that method still requires fah.exe to run as Admin. If it doesn't great. If not, boo.
Don't let this read personal. Nothing against you 7im. It's apparent looking at this Wiki that Stanford apparently doesn't know how to code. Which in turn makes me wonder what kind of remote exploits exist yet undiscovered in their code.
I find it hard to believe that any Enterprise environment is folding for Standford if this is the reality of what this client requires.
Do the *NIX versions require root to work?
Edit: URL tag clean up.
All of my written content here on TR does not represent or reflect the views of my employer or any reasonable human being. All content and actions are my own.