User Accounts/Power Policy vulnerabilities?

[Lee J. Moore]

By giving User Accounts full access to the following HKEY_LOCAL_MACHINE
keys, I wonder whether there are any security issues I should worry about:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Controls Folder\PowerCfg\GlobalPowerPolicy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Controls Folder\PowerCfg\PowerPolicies

I've had to do this so that the Intel Centrino clock speed can be stepped
up and down (by the Intel SpeedStep systray app) automatically when regular
users login. Important for the sake of battery life.

I'm more worried about vulnerabilities that can be taken advantage of either
remotely or by dodgy executables, than by any laptop user being deliberately
malicious.

(WindowsXP Pro if that matters.)

 

[Roger Abell [MVP]]

I would not be too concerned. Only applications that look to
those keys will be impacted by changes made to them.
Just allowing Users to change these does not even mean that
they, let alone unauthorized people, will be able to change these
remotely (over network).
If your users are trusted I do not feel that this introduces much
exposure or risk.

 

[Lee J. Moore]

I would not be too concerned. Only applications that look to
those keys will be impacted by changes made to them.
Just allowing Users to change these does not even mean that
they, let alone unauthorized people, will be able to change these
remotely (over network).
If your users are trusted I do not feel that this introduces much
exposure or risk.

Thanks Roger.

 

[Roger Abell [MVP]]

Thanks Roger.

No problem Lee.
--ra