G
Guest
Hi,
We're running a security scan on our XP SP2 boxes and are being asked to
manually check the Access and Launch permissions on all the DCOM objects (we
are not being asked to disable DCOM altogether, interestingly). A number of
the objects use custom permissions - this scan is on a fresh XP load - and we
have to determine whether the accounts with Access/Launch rights are
authorized.
I have been reading MS articles, other posts here, and asked co-workers in
an attempt to understand DCOM, but now I'd like to locate a listing of the
standard DCOM object permissions for various XP objects, such as Automatic
Updates, WIA Device Manager, and Windows Media Player. Some of these list
accounts like SELF that I'm unfamiliar with and I'd like to figure out who is
assigned what rights by XP by default.
If you have any suggestions I will be most appreciative. I suppose we will
try the "disable DCOM and see what breaks" approach later on but for now I
hope we can better understand these more granular assignments. Thanks!
We're running a security scan on our XP SP2 boxes and are being asked to
manually check the Access and Launch permissions on all the DCOM objects (we
are not being asked to disable DCOM altogether, interestingly). A number of
the objects use custom permissions - this scan is on a fresh XP load - and we
have to determine whether the accounts with Access/Launch rights are
authorized.
I have been reading MS articles, other posts here, and asked co-workers in
an attempt to understand DCOM, but now I'd like to locate a listing of the
standard DCOM object permissions for various XP objects, such as Automatic
Updates, WIA Device Manager, and Windows Media Player. Some of these list
accounts like SELF that I'm unfamiliar with and I'd like to figure out who is
assigned what rights by XP by default.
If you have any suggestions I will be most appreciative. I suppose we will
try the "disable DCOM and see what breaks" approach later on but for now I
hope we can better understand these more granular assignments. Thanks!