The trick to implement security control over applications in Win7 environment

An application is a computer program that is developed to run on the operating system in order to complete a particular task or tasks. It is directly served to the user. If the operating system is a platform, then the application is the protagonist. But the application brings convenience to the user, and sometimes it also threatens the security of the system. To this end, implementing security control on the application is an important security policy of the operating system. . So, how to implement security control of the application in the Windows environment? This is what we will introduce to you in this tutorial today. Interested friends will come and see it.

1. Configure the application. The running level of the program

Like the previous Vista, Microsoft does not encourage users to log in to the system as an administrator to implement the operation, because there is a great risk. We know that in Windows 7, if you log in to the system as an administrator, all running programs run with administrator privileges by default. For security, we log in to the system as a non-administrator user, but sometimes it needs to be set up or maintained by the system. To perform these operations, you must have administrator privileges. Then you need to log out of the current user and log in as an administrator again. System? In fact, in Windows 7, we can implement the application in elevated mode in two ways.

(1). Run once with administrator privileges. In general, we only need to run the administrator with the current permissions, then select the privilege escalation policy that runs once with administrator privileges. To achieve this, right-click on the application's shortcut or its main program, and select “Run as administrator” in the menu list. At this point, the User Account Control (UAC) dialog box will pop up. The dialog box lists all the administrators of the system for the user to select. We can select an administrator user and enter the corresponding password to run the program as an administrator. In this regard, we can open the Widnows 7 task manager to confirm, you can see that although the current user is logged into the system, but the program is run as an administrator.

(2). Always run the program as an administrator. In addition to temporarily running the program with administrator privileges, we can also make the program always run with administrator privileges. The advantage of this is that it saves the trouble of privilege escalation every time, and after setting such a program that can only run in the administrator privilege, it can prevent its use problem due to permission. failure. Of course, the drawbacks of this are very obvious. If the application is always running with administrator privileges, it will bring certain security risks. Moreover, after logging in this way, we will lose meaning when logging in to the system as a normal user. The author's recommended practice is to set only programs that must be run with administrator privileges to always run as an administrator.

In Windows 7, we can set this by right-clicking on the application or its icon and selecting “Properties'; in the properties dialog, navigate to the "Compatibility" tab. Check "Run this program as an administrator" under the privilege level. If you want this setting to work for all users, you need to click the "Change all user settings" button, then an application properties dialog, under the privilege level of the "All users compatibility" tab. Check the “Run this program as an administrator” checkbox again. It's important to note that we can't set up a system application or a process that always runs as an administrator. In some cases, we will find that the “Hidden this program as administrator” checkbox is not optional, usually because the program is a system program or the program is prohibited from escalating permissions. In addition, this check box is not optional if the current user is not an administrator or if the program does not require administrator credentials. Source: Exam

2, Control application installation and running behavior

For general users or system administrators, in addition to controlling the running rights of the installed applications in the system Also, control the installation behavior of the application. So, how are these implemented in Windows 7? We can achieve our goals through Windows 7 related group policy items.

(1).Installation Control

Run secpol.msc to open the Windows 7 Local Security Policy Console and navigate to “Security Settings”→“Local Policies”→ “Security Options" node, you can see many group policy items on the right side. There are four main items related to application installation, which are explained below.

User Account Control: Detects application installation and prompts for promotion. This option is enabled by default and determines whether Windows 7 automatically detects the installation of the application and prompts for promotion. By default, the installation of the application is automatically detected and the user is prompted to promote or approve the application to proceed with the installation. If this option is disabled, the user is not able to control the installation of the application.

User Account Control: An executable file that only enhances signatures and verifications. This option determines whether Windows 7 only allows running executables with signatures and valid ones. By default, this option is disabled. If this option is enabled, Windows will force the validity of the file public key certificate to be checked before the executable runs. Previous12Next page Total 2 pages