Understanding Least Privilege User Account (LUA)

According to the Orange Book (Trusted Computing Security Evaluation Criteria), the
Principle of Least Privilege states that:
A subject must be given the minimum possible set of privileges that it requires to execute just the assigned task on an object and only for the minimum amount of time those privileges are required.
It is important for secure systems to comply with this principle. Typically in Windows XP systems, at least one user account is created when the system is installed. This account is given administrative privileges, so a user logging in with it has the maximum privileges to perform any task on the system, such as:
a) Installing device drivers
b) Installing software applications
c) Changing System Date/Time
d) Installing Printer drivers
e) Connecting to WEP enabled wireless networks
f) Saving files inside system folders like C:\Windows or C:\Windows\System32
g) Making registry changes
An administrative user account is not required for normal user activities such as creating and saving files inside user profile folders like ‘Desktop’ or ‘My Documents’, using Internet Explorer, or installing user-mode applications. Even so, most home users and many corporate users continue to work with administrative accounts when they do not need to.
Question: What is the harm in working as an administrative user on my computer?
Answer: When you are logged in as an administrator on a Windows XP computer, most of the services and applications running in the background also run with administrative privileges. Since these services run in the background and have admin access to the system folders and registry, they can make any change they want to these folders and the registry, just as an administrator can.
Also, when you surf the internet with Internet Explorer while logged in as an administrator, Internet Explorer itself runs with administrative privileges. This means that if you visit a site that attempts to download and save a file in system folders like C:\Windows or C:\Windows\System32, it will be able to do so just like an administrator, without prompting the user for permission or even informing him. This happens because the application saving the file inside the system folders is running as the "administrator" itself, who does not require anyone else’s permission to make this change. Hence, if this file is a virus, worm or any other infected file, it can make any changes it wishes to the system. All this happens in the background, and the logged-in admin user has no idea about it!
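
The following PowerShell script is an added example, not part of the original post: it reports whether the current logon session holds the Administrators role and whether its token is granted the right to create files in the system folders named above. The helper name `Test-FolderWriteAccess` is hypothetical, and the check is an approximation based on the folder's access control list that ignores privileges and ownership.

```powershell
# Added example: does this session run as an administrator, and could code
# running in it create files in the system folders?
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
$isAdmin   = $principal.IsInRole(
    [System.Security.Principal.WindowsBuiltInRole]::Administrator)

# SIDs carried by the current token: the user plus its enabled groups
$tokenSids = @($identity.User.Value) +
             @($identity.Groups | ForEach-Object { $_.Value })

# Hypothetical helper: approximates the access check from the folder's DACL.
# It ignores privileges (e.g. SeRestorePrivilege) and object ownership.
function Test-FolderWriteAccess {
    param([Parameter(Mandatory = $true)][string]$Path)

    $createFiles = [int][System.Security.AccessControl.FileSystemRights]::CreateFiles
    $inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
    $rules = (Get-Acl -Path $Path).GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier])

    $allowed = $false
    foreach ($rule in $rules) {
        # Only entries naming a SID in our token are relevant
        if ($tokenSids -notcontains $rule.IdentityReference.Value) { continue }
        # Inherit-only entries apply to children, not to the folder itself
        if (([int]$rule.PropagationFlags -band $inheritOnly) -ne 0) { continue }
        # Skip entries that do not cover creating files in the folder
        if (([int]$rule.FileSystemRights -band $createFiles) -eq 0) { continue }
        # Any matching deny entry wins in this simplified model
        if ($rule.AccessControlType -eq 'Deny') { return $false }
        $allowed = $true
    }
    return $allowed
}

$systemFolders = @($env:SystemRoot, (Join-Path $env:SystemRoot 'System32'))
"Running as administrator: $isAdmin"
foreach ($folder in $systemFolders) {
    "{0,-28} writable by this session: {1}" -f $folder, (Test-FolderWriteAccess $folder)
}
```

Run from a limited user account, both folders should report `False`; run from an administrative session, every program started in that session inherits the `True` result.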

5 thoughts on “Understanding Least Privilege User Account (LUA)”

  1. Nice, but how come "LUA" is related to Vista, and it will be nice if you tell whether this is available on WinXP or Vista or both?
    Also, what if a normal user has been granted Administrative privileges, will Vista/XP use this?
