runas /savecred - a dirty hack?

Hello *,
I have got some questions about runas:
How does it work (how do I write my own runas)?
Where get the entered login-informations saved if I use /savecred?
How are they protected from the (non-privileged) user? Are the
encrypted? - If, it seems be a symmetric encryption - but where is the
key stored? Why shouldn't my (non-privileged) user get that key and get
my admin-password as plain-text?
Is there a save solution to permit certain users admin-access to
certain-applications (not all) - just like good old unix s-bit?

Thanks for your help...

Henning

HOW TO: Enable and Use the "Run As" Command When Running Programs in Windows
http://support.microsoft.com/defaul...6&Product=winxp

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

-------------------------------------------------------------------------------------------------------------

"Henning Meyer (remove the numbers)" <Henning_Meyer123@gmx.net> wrote in message:
news:c68f4c$8ppo2$1@ID-105195.news.uni-berlin.de...

| Hello *,
| I have got some questions about runas:
| How does it work (how do I write my own runas)?
| Where get the entered login-informations saved if I use /savecred?
| How are they protected from the (non-privileged) user? Are the
| encrypted? - If, it seems be a symmetric encryption - but where is the
| key stored? Why shouldn't my (non-privileged) user get that key and get
| my admin-password as plain-text?
| Is there a save solution to permit certain users admin-access to
| certain-applications (not all) - just like good old unix s-bit?
|
| Thanks for your help...
|
| Henning

Henning,
You may wish to check out the following app for creating a process using
the "runas" while integrating the username/password. Very Slick :-)

http://www.joeware.net/win32/zips/CPAU.zip

or

http://www.joeware.net/win32/index.html

Cheers
VIGUY


Henning Meyer (remove the numbers) wrote:
> Hello *,
> I have got some questions about runas:
> How does it work (how do I write my own runas)?
> Where get the entered login-informations saved if I use /savecred?
> How are they protected from the (non-privileged) user? Are the
> encrypted? - If, it seems be a symmetric encryption - but where is the
> key stored? Why shouldn't my (non-privileged) user get that key and get
> my admin-password as plain-text?
> Is there a save solution to permit certain users admin-access to
> certain-applications (not all) - just like good old unix s-bit?
>
> Thanks for your help...
>
> Henning

nice thing...can you make the source available, please ?
Would be great...

What about /savecred (where does the data get stored) ?

Henning

VIGUY wrote:
> Henning,
> You may wish to check out the following app for creating a process using
> the "runas" while integrating the username/password. Very Slick :-)
>
> http://www.joeware.net/win32/zips/CPAU.zip
>
> or
>
> http://www.joeware.net/win32/index.html
>
> Cheers
> VIGUY
>

Thanks, but I already know how to use it, I just wanted to know how it
works internally...(what system-calls does it use....)

Henning

Carey Frisch [MVP] wrote:

> HOW TO: Enable and Use the "Run As" Command When Running Programs in Windows
> http://support.microsoft.com/defaul...6&Product=winxp
>