UAC asks for permission to run sbsclnt.exe

[Guest]

Hi,
just added a new Laptop which is the first machine in the company
running Vista Business to our company domain which is running under Windows
2000 SBS, everytime it logs into the network I get the Permission to run
request for sbsclnt.exe which it says is unsigned!
I appreciate the extra security provided by the UAC but it appears
from my reading as a Vista virgin that it is either on or off. Is there
anyway of adding "approved" programs to a list which will always be allowed
to run unhindered providing they haven't been changed?

THANKS

 

[Jimmy Brush]

Hello,

Firstly, make sure you have upgraded SBS to the release that they made
available to make it fully compatible with Vista - this should help out with
this!

Unfortunately, always-elevating specific programs is not possible.

UAC is designed to notify you whenever a program runs with admin privileges,
so that if you did not intend for an administrative program to run, you can
stop it from happening.

This also allows programs that don't need admin privileges from having them,
which adds a good deal of security to the system.

If you could tell a program to always run with admin privileges without
prompting, you would also be letting any malicous program use that program
to take control over your system without your permission.

For example, if you marked that sbs utility to not prompt, a malicious
program could scan for it and use it to perform administrative actions on
your computer without your knowledge or consent.

--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/

 

[Guest]

--
John Franks MIScT, MIAP, MCSA, MCSE, MCDBA

Hello,

Firstly, make sure you have upgraded SBS to the release that they made
available to make it fully compatible with Vista - this should help out with
this!

Unfortunately, always-elevating specific programs is not possible.

UAC is designed to notify you whenever a program runs with admin privileges,
so that if you did not intend for an administrative program to run, you can
stop it from happening.

This also allows programs that don't need admin privileges from having them,
which adds a good deal of security to the system.

If you could tell a program to always run with admin privileges without
prompting, you would also be letting any malicous program use that program
to take control over your system without your permission.

For example, if you marked that sbs utility to not prompt, a malicious
program could scan for it and use it to perform administrative actions on
your computer without your knowledge or consent.

--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/

Thanks, I fully agree that the added security is a good thing but it would
be nice if it was possible to set a specific program not to prompt, I accept
your comment about a malicious program trying to use this as a backdoor but
surely some sort of checksum system could be incorporated to ensure that
allowed programs had not been modified or their code tampered with before
running?

 

[Jimmy Brush]

Unfortunately, the problem can't be solved via checksumming, because the
malicious program isn't CHANGING the trusted program - it is simply running
it, as is.

The problem is that the malicious program would be USING the system
utilities on your computer to do things that it is blocked from doing
itself.

A good example is the command prompt.

If you trusted the command prompt to always run as admin without prompting,
a malicious program could start an instance of the command prompt with the
following command line:

cmd /c "evil.exe"

Or even

cmd /c "rmdir /S /Q c:\"

Sine the command prompt is started with administrator privileges, it will
thusly run evil.exe or any other command with full administrator privileges
(without prompting you), and so the malware has completely bypassed UAC
without modifying any file on your computer.


--
- JB
Microsoft MVP - Windows Shell/User

Windows Vista Support Faq
http://www.jimmah.com/vista/