April 11, 2005
Running as non-admin: Office 2003
I have been trying valiantly to run as a non-Administrator, non-PowerUser on my XP box - this is supporting the Limited User Access (LUA) principle that many of us have been espousing for some time. Only by getting experience as LUA can we seriously make this recommendation for others.
About a month ago, Office 2003 started giving me "Preparing to install..." messages every time I started Word/Excel/Outlook, and it burned about 45 seconds every time even though it appeared to run successfully. This, not surprisingly, got very old.
Google was no particular help, and neither were my contacts at Microsoft (somebody suggested it might be related to an MSN Messenger upgrade, but nothing came of that), so this morning I really dug in with the lovely RegMon (Registry Monitor) tool from the smart guys at SysInternals.
The idea, of course, is to look for access-denied entries, but it's not as simple as opening up every registry key to which the user does not have rights. Lots of software anticipates these failures by attempting parallel opens on either
- the same key but requesting fewer rights, or
- a parallel key in HKEY_CURRENT_USER
Searching for Access Denied through the hundreds of thousands of entries in RegMon showed many pairs of failure-then-success accesses, but one key didn't seem to have this pairing:
HKEY_CLASSES_ROOT\Software\Microsoft\MasterAggregatorForIPP\MSDAIPP
I generally expand permissions with a special group ("LUA Hacks") so it documents that the key was opened for this purpose, and now it seems to work just fine.
I have no idea what caused it to break, or why this fixes it, but I can't be the only one having this problem: hopefully this blog entry will help somebody else.
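The failure-then-success pairing described above can be checked mechanically. The following is an added example, not part of the original post: it assumes the RegMon log was exported as tab-separated columns (sequence, time, process, request, path, result) with result strings "ACCESS DENIED" and "SUCCESS", and every sample row is constructed, including the ExampleVendor keys.

```python
# Added example: find denied registry opens that never recover.
# Column layout and result strings are assumptions about the exported log.
ROWS = [  # constructed sample rows
    ("1", "0.001", "WINWORD.EXE:1234", "OpenKey", r"HKLM\Software\ExampleVendor\Settings", "ACCESS DENIED"),
    ("2", "0.002", "WINWORD.EXE:1234", "OpenKey", r"HKLM\Software\ExampleVendor\Settings", "SUCCESS"),
    ("3", "0.003", "WINWORD.EXE:1234", "OpenKey", r"HKLM\Software\ExampleVendor\Prefs", "ACCESS DENIED"),
    ("4", "0.004", "WINWORD.EXE:1234", "OpenKey", r"HKCU\Software\ExampleVendor\Prefs", "SUCCESS"),
    ("5", "0.005", "WINWORD.EXE:1234", "OpenKey", r"HKCR\Software\Microsoft\MasterAggregatorForIPP\MSDAIPP", "ACCESS DENIED"),
    ("6", "0.006", "WINWORD.EXE:1234", "OpenKey", r"HKEY_CLASSES_ROOT\Software\Microsoft\MasterAggregatorForIPP\MSDAIPP", "ACCESS DENIED"),
]
SAMPLE_LOG = "\n".join("\t".join(row) for row in ROWS)

ALIASES = {"hkey_local_machine": "hklm", "hkey_current_user": "hkcu", "hkey_classes_root": "hkcr"}

def normalize(path):
    """Lower-case the path and shorten the hive name so spellings compare equal."""
    hive, _, rest = path.lower().partition("\\")
    return ALIASES.get(hive, hive) + "\\" + rest

def user_equivalent(key):
    """Return the per-user key an application might fall back to, if any."""
    hive, _, rest = key.partition("\\")
    if hive == "hklm":
        return "hkcu\\" + rest
    if hive == "hkcr":  # HKCR merges the machine and per-user Classes subtrees
        return "hkcu\\software\\classes\\" + rest
    return None

def unpaired_denials(log_text):
    """List (process, path) for denials with no later success by that process."""
    rows = [line.split("\t") for line in log_text.splitlines()]
    rows = [r for r in rows if len(r) >= 6]
    findings, seen = [], set()
    for i, row in enumerate(rows):
        proc, path, result = row[2], row[4], row[5]
        if result != "ACCESS DENIED":
            continue
        key = normalize(path)
        accepted = {key, user_equivalent(key)}
        recovered = any(later[2] == proc and later[5] == "SUCCESS"
                        and normalize(later[4]) in accepted for later in rows[i + 1:])
        if not recovered and (proc, key) not in seen:
            seen.add((proc, key))
            findings.append((proc, path))
    return findings

if __name__ == "__main__":
    for proc, path in unpaired_denials(SAMPLE_LOG):
        print(proc, path)
```

Only the keys this reports are candidates for a permission change; the paired denials are fallbacks the application already handles.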
Posted by steve at April 11, 2005 12:30 PM
Comments
Hi Steve,
I've got the same problem as you mention in your Office 2003 post, re the apps running Windows Installer multiple times on startup, and that you fixed it by granting permission to HKEY_CLASSES_ROOT\Software\Microsoft\MasterAggregatorForIPP\MSDAIPP, so I've tried to grant access to everyone so they can write to this key. I'm still getting the error messages though. Any suggestions?
Thanks
Chris
Posted by: Chris at September 30, 2005 02:38 AM