Search

 Search
Thursday, August 21, 2008    /   Register Login
 
View Article

Current Articles | Categories | Search | Syndication

Thursday, February 07, 2008
User Accounts in Vista
By Vista Guru @ 3:13 AM :: 2967 Views :: 0 Comments :: :: Windows Vista Guides		 


Different Types of Accounts

 You can set up different kinds of accounts using UAC. Setting up different types of accounts makes it easy for you to exercise control over the kind of programs that users can install or the kind of websites they can browse. Basically, you can set up two types of user accounts:

1. Standard user accounts:

a. These accounts are set up for general users.
b. They cannot install programs or change system settings.
c. If they try to do any of these activities, a message box pops up notifying them that they require administrator rights to perform the task.

2. Administrator accounts:

a. These accounts are for owners or administrators.
b. They can install programs as well as change system settings.
c. Threats like malware attempt to exploit administrator rights in secret. To prevent this from happening, most programs run with standard rights even if the user has administrator rights. This prevents and limits large scale damage.

UAC and Access Tokens

When an administrator logs onto a computer that is running Vista, they are assigned two access tokens. One gives them standard rights and the other gives them administrator rights. Windows uses access tokens to control the extent of access a user can have over resources and also to control the kind of tasks they can perform. The access token contains the user’s group membership and authorization. Most tasks are run using the standard access token and the administrator token is used when the user attempts a task that requires administrator rights.

In the earlier versions of the Windows OS, administrators had only one access token that gave them access to all resources. There was no fail-safe check provision which meant there was no way to ensure the user wanted to perform a task that required an administrator access token. As a result, malware could easily get installed on the machine without the user being notified, a process called ‘silent installation’. Since the user was an administrator, the malware could be directly installed on the core area of the computer and sometimes become difficult to remove. 

 

Paging - Page: 2 of 3
Previous Page | Next Page
Rating

Comments
Currently, there are no comments. Be the first to post one!
Click here to post a comment
 
       Privacy Statement  -  Terms Of Use  /  Copyright 2008 tkArena