- Running vulnerable applications has been a long security practice on UNIX (or UNIX-like) operating systems, but the first versions of Windows didn't even include privilege separation.
Privilege separation means, that applications which run under unprivileged user accounts don't have write access to operating system's or other users' files. So, unless they exploit a security hole somewhere, they are unable to do any damage to your system.
It can also have other useful advantages, such as a separate configuration. This way you can set up your favourite browser to use the eepproxy under your I2P pseudo-user, but act as a normal browser under your own account.
However, privilege separation isn't 100% foolproof. Unprivileged users can exploit some security holes, or weak passwords to become a superuser. But even if it might not make the job impossible, it will make offensive attacks much more difficult to carry out.
Privilege separation doesn't provide you with anonymity. Once the attacker has control of an unprivileged user, he has access to some configuration parameters, the Internet, unprotected files, etc.
- TODO: Could anybody document user creation in Windows 2003?
Creating a user (Windows XP)[Bearbeiten]
- Open the Control Panel, and 'User Accounts' from there. Under 'Pick a task', choose 'Create a new account'
- Pick a name for the user. I'll use 'I2P' for an example. Click 'Next >'
- Choose 'Limited' access for the user. Click 'Create Account'
- Click on the user account you just created, select 'Create a password, and enter something into the fields. Password hint is not necessary, so you can leave it blank. Click 'Create Password' You can close the 'User Accounts' window now.
Creating a user (Windows 2000)[Bearbeiten]
- Open the Control Panel and open 'Users And Passwords' and click 'Add...'.
- Pick a name (I'll use 'I2P') and click 'Next >'.
- Enter the password and click 'Next >'. Normal password procedures and precautions apply here.
- Choose 'Restricted User' and click 'Finish'. Inexperienced users should skip to step #9.
- Switch to the 'Advanced' tab and click 'Advanced'.
- From 'Users' choose 'I2P' and double-click it.
- Check 'Password Never Expires' (this is less secure but prevents the hassle of changing the password and configurations periodically).
- In 'Home folder' select 'Local path' and enter a path to the user's 'Home', which is the default place where programs are started, usually.
- Click 'OK' on all windows you've opened.
Creating a user (Windows 95/98/ME)[Bearbeiten]
- These operating systems don't have a privilege system, so creating new user only gives you seperate configurations. As a bypass you can have several installations of the OS on the harddrive, but two can't run at the same time. A bootdisk will have to be used as well in order to boot an OS other than the primary OS (the last OS installed). You also can't run applications as separate users while logged on with your own user, so you're probably better off not using this anyway.
- TODO: Actually write how to set this up.
Launching usual applications[Bearbeiten]
- Go to wherever the application is located. Create a new shortcut anywhere you want.
- Right click on the new shortcut, select Properties and the Shortcut tab. Click the 'Advanced...' button and check the 'Run with different credentials' checkbox. Click OK, and OK (for both windows).
- Launch the shortcut you just created. A 'Run As' window should pop up. If it doesn't, you've done something wrong.
- From the 'Run As' window, select 'The following user:'.
- Fill the 'User name' and Password fields and click OK. The application should start up now.
Hiding from logon screen (Windows XP only)[Bearbeiten]
- For this you need the TweakUI PowerToy for Windows XP. Download and install it.
- Launch TweakUI from Start -> (All) Programs -> 'Powertoys for Windows XP' -> 'Tweak UI'
- From the left-side treeview, select 'Logon'
- Uncheck the box next to 'Show "username" on Welcome screen' (where username is the name of the user you want to hide)
- Click OK. That's it. :)
Running a service as a different user (Windows 2000/XP/2003)[Bearbeiten]
- Open the 'Control Panel' and double-click on 'Administrative Tools'.
- Double-click on 'Services'.
- Choose the service you wish to modify and doube-click on it.
- Switch to the 'Log On' tab.
- Under 'Log on as' choose 'This account'.
- Either enter the usersame manually ('I2P' in previous example) or click 'Browse' and choose the username from there.
- Enter the password twice in the two password boxes.
Click 'OK'. If the service is currently running, you may have to restart it.
Note: If I2P is running as a tray icon, its login can't be changed and it must have 'Interact with desktop' checked.
- Since this is a Wiki, you can edit this page yourself; contributions are welcome.