nonadmin

Why Non Admin

When you run a program as Administrator, it has unlimited access to your computer. It can install rootkits, back doors, keyloggers, adware, spyware, viruses, trojans, and all manner of other nasties, and they will have the same unlimited access. Think it won't happen to you? Aaron Margosis points out a plausible - and disastrous - scenario:

Let’s say you’re using your favorite search engine and click on a link that looks promising, but which turns out to be a malicious site hosting a zero-day exploit of a vulnerability in the browser you happen to be using, resulting in execution of arbitrary code.

But if you were running as a User, most exploits would immediately fail. User accounts have far fewer privileges than Administrators, greatly reducing your "attack surface".

To prove this, eWeek set up fully-patched systems running both Windows 2000 and Windows XP, logged into those systems using User and Administrator accounts, and then surfed some of the nether reaches of the net before doing malware scans. Here are the results (via adminfoo.net):

                     Total  Processes  Files  Registry
Windows 2000 SP4
  User                   1          0      1         0
  Administrator         19          3    503     2,500
Windows XP SP2
  User                   0          0      0         0
  Administrator         16         20    400     2,774

More Details

From Aaron Margosis:

From Jenni Merrifield:

Comments

From peterb - 2/4/05 9:00 PM

This is an excellent summary. "Don't hold on to more privileges than you actually need at any one moment" is a good rule of thumb in any system that has an administrator or superuser concept. I originally saw this sentiment expressed in O'Reilly and Associates' book Unix Power Tools, but I don't have my copy handy, so I'll steal this paraphrase from the web:

"If you picture using the root account as wearing a special magic hat that gives you lots of power, so that you can, by waving your hand, destroy entire cities, it is a good idea to be a bit careful about what you do with your hands. Since it is easy to move your hand in a destructive way by accident, it is not a good idea to wear the magic hat when it is not needed, despite the wonderful feeling."

Windows, like other modern operating systems, has a rich and sophisticated set of security semantics available to it that are completely bypassed if you run as administrator. If you run as admin all the time, you are crippling your ability to do useful work, just as surely as if you turned off your virtual memory system.

Don't wear the magic hat unless you need to.

From Chris Hayes [170.163.36.36] - 2/7/05 7:21 AM

From peterb - 2005-02-04 11:00 PM

"Windows, like other modern operating systems, has a rich and sophisticated set of security semantics available to it that are completely bypassed if you run as administrator. If you run as admin all the time, you are crippling your ability to do useful work, just as surely as if you turned off your virtual memory system.

Don't wear the magic hat unless you need to."

peterb, as I am sure you are well aware, in today's world it is sometimes a good idea to turn off your virtual memory. If you monitor your system, as I am sure you do, how often do you ever use it? I don't know about you, but with 3 gigs of memory in my desktop I have never needed it.

I also don't see a problem with staying logged into one of your systems as DAdmin all the time although I am sure we can agree it really just depends on what you do on that system (no surfing).

From Thomas Jones [66.44.0.107] - 3/25/05 3:12 AM

Under XP Home SP2, I have just started doing almost all of my work in User mode, which is more secure than Administrator mode. Could someone give me some specifics as to what types of attacks are blocked? Especially, I am, or was, concerned about getting a keystroke logger installed which would steal my online banking details. I use Firefox 1.0.2. I plan to continue to download and install (in Administrator mode) third-party software, but I am rather choosy about what software I get; e.g., Windows Media Player, but not Kazaa or Grokster. I run the usual anti-virus/anti-spyware software, including the Microsoft anti-spyware tool.

Thomas Jones
DrJones@alum.MIT.edu

From jonathanh - 4/7/05 10:41 PM

Thomas - by adding running as non-admin to your existing setup, you're definitely locked up tight. Keyloggers require admin rights to install, and I'd bet that most will need them to run as well (since their coders are greedy rather than careful). As you rightly suspect, your biggest remaining threat is a keylogger piggybacking on third-party software, but by only installing trusted software you minimize that risk as well.

 
 
 

Last Modified 9/18/07 10:47 AM