Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Flash abominations and file permissions

Posted on 2003-10-27
8
Medium Priority
?
387 Views
Last Modified: 2010-04-14
I wrote a batch program called 'togflash' to toggle the renaming of the files that cause Flash animation to block my screen at times (GetFlash.exe,
Flash.ocx). So far, so good. I then discovered that the browser, finding them renamed, simply downloaded new copies and the awful visuals started up again. Wishing to extend my knowledge of Windows file permissions (that seem to be less intuitive than Unix ones) I decided to try the following:

1. Create a new account under Users. They are not meant to have file writing permissions in the directory these trojan files appear (C:\WINNT\system32\Macromed\Flash)

2. Run the browser as that user with 'Run as...'

Blow me if they're not *still* appearing. Why?
0
Comment
Question by:CEHJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 1

Assisted Solution

by:NahumK
NahumK earned 100 total points
ID: 9628352
Might be the browsing is down under "wimpy user" priveleges but the downloading is done through explorer.exe which uses the priveleges of the user that's logged on to the machine.
try to log on with the wimpy user and see if the problem occurs or just disable writing access on that directory for all users.
0
 
LVL 86

Author Comment

by:CEHJ
ID: 9629618
That's what I was thinking could be the problem.

>>just disable writing access on that directory for all users.

Been there, done that - file permissions got changed back to writable by some upstart process!
0
 
LVL 4

Accepted Solution

by:
darth_wannabe earned 400 total points
ID: 9634761
In your internet explorer security, set it to prompt you for active x controls and plugins rather than leaving it at 'enable'......or if you're sure you don't want to see them, set it to 'disabled'
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9634769
BTW, that would be at TOOLS->INTERNET OPTIONS->SECURITY->CUSTOM LEVEL
0
 
LVL 86

Author Comment

by:CEHJ
ID: 9634787
Quite a good idea, i might try it. Get back to you.
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9634792
I believe that Internet Explorer uses the system account for stuff like you described.
0
 
LVL 4

Expert Comment

by:darth_wannabe
ID: 9634808
If you want to test it out, go to a site that you know has a bunch of flash stuff on it, like http://www.shockwave.com
0
 
LVL 86

Author Comment

by:CEHJ
ID: 9652269
Thanks guys.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
We live in a world of interfaces like the one in the title picture. VBA also allows to use interfaces which offers a lot of possibilities. This article describes how to use interfaces in VBA and how to work around their bugs.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question