Member Avatar for Kamex

I triple-boot Microsoft Windows 98 Second Edition, Microsoft Windows XP Home Edition Service Pack 2, and SUSE Linux 9.3 Professional.

For those that don't know, Linux has special user permissions. There is only one user with access to the entire harddrive, called "root", and this user has an encrypted password. All other users can only access a few folders, mainly their "Home" folder, which is the equivalent of the "Documents and Settings" folder in Windows.

I use Linux for email and web browsing as I am very paranoid about viruses and spyware and the like, but I need Windows XP for gaming, as well as some other programs. I also need it when making Windows screenshots to help people, so even if I could get WINE working correctly (which really isn't possible, given that my 3d acceleration doesn't work), I'd still need Windows XP for this. While I disable Internet in Windows 98, this is not possible for XP, because many of the games I play on it are online games.

It would thus be of great convenience to me to be able to run Windows XP safely, and I have recently heard that 'nix-like user permissions are possible with Windows XP. I have also heard, however, that XP's user permission system is far more primitive.

I am going to be buying a new video card soon, and when I buy this card, I plan on reformatting XP. When I reformat, I'd like to set up these user permissions, that is, if I can live with the annoyances associated with it.

Here are the questions I have (keep in mind that I have Home Edition):

1) Would this even protect me from viruses and other malicious programs?
2) Is it possible run a program as a different user?
3) Is it possible to encrypt the Administrator password?
4) Is it possible to configure Limited accounts' access to individual folders?
5) Is it possible to log in as a different user in the command prompt application?
6) Is it possible to configure which user is automatically logged into on startup?
7) Are there any programs I can expect not to run with this type of permissions system, even if I install them in the Documents and Settings folder?
8) Are there any other annoyances I should be aware of?
9) Is there an alternative way to protect myself that you would recommend?
Edit:
10) Is there a way to configure the location of the Documents and Settings Folder of an already created account (this way, I could change my folder from D:\Documents and Settings\Kamex to D:\Documents and Settings\Administrator in order to try the system out and avoid having to reformat)?

  • 4 Contributors
  • 3 Replies
  • 239 Views
  • 16 Hours Discussion Span
  • Latest Post Latest Post by DMR
Member Avatar for MartyMcFly

I've run out of time at work, so to quickly try and answer some questions, here I go;

1. Dont know
2. So programs allow the use of Run as, or, you can log on with two different users at same time, therefore run programs and "switch users"
3. Dont think so
4. Yes
5. I really dont think so
6. Not if you have more than one
7. Knowing windows, probably lots.
8. If I new them, I would earn a lot more than I do now.
9. Only have one OS, one user, add lockdown to the max. If you run as a user with restricted settings, a malicious user of the PC could still access files with the other user account. Having a multitude of accounts in Windows helps nothing, an gives no benefits to my knowledge. I would really not advise it.
10. You can copy the profile on to CD, or other disk, then having logged on with the account, copy the profile back in to that users folder.

I should point out that I've never used linux, nor heard of "nix", but have tried to be as helpful as i can under those circumstances. I'll keep an eye on this post in case I can be of further help, (or hinderance).

Member Avatar for kc0arf

Hello,

The big thing with Windows and security is that you often have to be a Local Administrator in order to get the games (and other business software) to operate correctly. Since the local administrator is the God of the machine, the door is open, and away we go for infection. I hope that your root account inside of linux is not your main account.

Yes, you can play with the NTFS rights on the C: but you are asking for big trouble that might require a re-install to repair.

The local administrator password is encrypted. Don't need to worry about that.

I know under 2000 and in a domain environment, that a default username / password can be specified. Check out HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogin for some more information there. Not sure if this works in XP or on a domainless workstation.

The only thing I can recommend that you do to protect yourself is to consider building a second game machine, and leaving this one to do Linux with. That way, your work is secure, and you can game to your heart's content.

Hope this helps,

Christian

Member Avatar for DMR

I have recently heard that 'nix-like user permissions are possible with Windows XP. I have also heard, however, that XP's user permission system is far more primitive.

One thing to keep in mind if you're concerned about permissions/user rights/access policies: there's a big difference between XP Pro and Home in those areas. If you want the most flexibility and granularity in terms of security-related settings (especially in a network environment), you'll want XP Pro, not Home.

Also- contrary to what a lot of Linux users will tell you, Windows 2K/XP permissions are actually quite flexible and powerful. Even in a workgroup configuration, you have a myriad of options you can configure through the Security-related MMC snap-ins, the advanced file/folder permission and security options, etc. The problem, of course, is that Microsoft hasn't exactly implemented those options in an intuitive or centralized way.... :sad:

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.