epmmis
asked on
Effect of enabling "Create a token object"
I am attempting to understand the vulnerablities being created by enabling the policy "Create a token object" for all domain users. We are updating a home grown app for use on Windows 7. The programmers have run into a problem running the app and their easy solution is to enable "Create a token object" policy.
Here is our environment.
This change would apply to Windows 7 R2 workstations. These workstations have the ususal desktop/control panel restrictions. We are using Applocker to apply the white list. The App locker white list is a detailed list of each executable which can be run.
Before I tell the programmers yes or no, I want to better understand the risks involved.
Here is our environment.
This change would apply to Windows 7 R2 workstations. These workstations have the ususal desktop/control panel restrictions. We are using Applocker to apply the white list. The App locker white list is a detailed list of each executable which can be run.
Before I tell the programmers yes or no, I want to better understand the risks involved.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hmmm. The link works for me.
Try this link as well:
http://technet.microsoft.com/en-us/library/dd349804(WS.10).aspx#BKMK_13
If that doesn't work, just go to http://www.technet.com and search for "Create token object"
Try this link as well:
http://technet.microsoft.com/en-us/library/dd349804(WS.10).aspx#BKMK_13
If that doesn't work, just go to http://www.technet.com and search for "Create token object"
ASKER
Thanks
ASKER
Would you repost the technet URL? It link reports "Page Not Found".