echo: nthelp
to: Geo.
from: Hrvoje Mesing
date: 2005-03-03 20:09:36
subject: Re: hiding from the admin

From: "Hrvoje Mesing" 

Sorry,

This is smack in the face!

I'm thirsty, bye!


-+-
M.


"Geo."  wrote in message
news:42247612$1{at}w3.nls.net...
> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties
>
> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties
>
> why would registry keys be set to block the admin from even reading them?
> Yeah you can change the permissions, restart regedt32 and go in and read
> what's there but I don't understand why nothing is allowed to read a
> registry key except for the system. I mean it's my machine, I'm the admin,
> I'm logged in as admin, doesn't that mean that in this little world of mine
> I should be the absolute user?
>
> Can anyone think of a reason to block the admin? (other than some programmer
> thinking he outranks me on my own computer)
>
> Ok here's another one, login as admin, get to C: (or any ntfs drive) and
> type this
>
> c:\> cd $extend
> Access is denied.
>
> hmm, not even read access?
>
> c:\> cd $UpCase
> The directory name is invalid.
>
> and yet it does exist..
>
> I find things like this mildly annoying and I'm trying to understand why
> when I've told my system to not hide anything from me in the explorer
> folders settings it's still insisting on hiding things from me. I mean these
> are the types of features that hackers use to root a machine and hide that
> fact from the admin so I really like to try to understand why the admin
> wouldn't even have read access or in the case of $upcase even the command
> line ability to detect that it's there.
>
> another one that really ticks me off is how it hides
> \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
> from the administrator and how it doesn't purge those files when I tell it
> to purge the IE cache. This one I consider very rude and a definite security
> issue if you as the admin of your own machine want to remove traces of what
> websites you have visited.
>
> Geo. (all on W2K of course)
>
>

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
SEEN-BY: 633/267 270 5030/786
@PATH: 379/45 1 106/2000 633/267

SOURCE: echomail via fidonet.ozzmosis.com
