Solved

Flash abominations and file permissions

Posted on 2003-10-27
8
380 Views
Last Modified: 2010-04-14
I wrote a batch program called 'togflash' to toggle the renaming of the files that cause Flash animation to block my screen at times (GetFlash.exe,
Flash.ocx). So far, so good. I then discovered that the browser, finding them renamed, simply downloaded new copies and the awful visuals started up again. Wishing to extend my knowledge of Windows file permissions (that seem to be less intuitive than Unix ones) I decided to try the following:

1. Create a new account under Users. They are not meant to have file writing permissions in the directory these trojan files appear (C:\WINNT\system32\Macromed\Flash)

2. Run the browser as that user with 'Run as...'

Blow me if they're not *still* appearing. Why?
0
Comment
Question by:CEHJ
  • 4
  • 3
8 Comments
 
LVL 1

Assisted Solution

by:NahumK
NahumK earned 25 total points
ID: 9628352
Might be the browsing is down under "wimpy user" priveleges but the downloading is done through explorer.exe which uses the priveleges of the user that's logged on to the machine.
try to log on with the wimpy user and see if the problem occurs or just disable writing access on that directory for all users.
0
 
LVL 86

Author Comment

by:CEHJ
ID: 9629618
That's what I was thinking could be the problem.

>>just disable writing access on that directory for all users.

Been there, done that - file permissions got changed back to writable by some upstart process!
0
 
LVL 4

Accepted Solution

by:
darth_wannabe earned 100 total points
ID: 9634761
In your internet explorer security, set it to prompt you for active x controls and plugins rather than leaving it at 'enable'......or if you're sure you don't want to see them, set it to 'disabled'
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9634769
BTW, that would be at TOOLS->INTERNET OPTIONS->SECURITY->CUSTOM LEVEL
0
 
LVL 86

Author Comment

by:CEHJ
ID: 9634787
Quite a good idea, i might try it. Get back to you.
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9634792
I believe that Internet Explorer uses the system account for stuff like you described.
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9634808
If you want to test it out, go to a site that you know has a bunch of flash stuff on it, like http://www.shockwave.com
0
 
LVL 86

Author Comment

by:CEHJ
ID: 9652269
Thanks guys.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Active directory user account audit 4 729
windows 2000 3 427
301 redirects on a non-existent site (the site was deleted) 1 302
windows 2000 image 3 135
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now