I recently had a chat with Tonny Bjorn after my recent blog post and he pointed me to a solution he is using to have users running as non-admin on Windows XP and still having the ability to elevate: He uses a freeware called Sudo for Windows and seems to be fairly happy with it. I have to possibility to look into it (I am running Windows 7 or Windows Vista) but you might want to consider something like that. The real disadvantage is that it installs a service (I think as Local System). So, if this service has a vuln, you are toast as well…
So, I cannot recommend this as I do not know it well enough but it might be worth a look
always make me nervous when I click a link (such as the link to the sudo site) that windows live blocks! Any ideas as to how this is different then runas?
This a good wrap of how it works:
[snip]Sudo for Windows (sudowin) allows authorized users to launch processes with elevated privileges using their own passphrase. Unlike the runas command, Sudo for Windows preserves the user's profile and ownership of created objects.[/snip]
If you want it from the source, check out this link: