A client of ours wanted us to creat

[Moxica]

A client of ours wanted us to create a "one-click" install
for a package we distribute.
We told him beforehand that creating an installer like this
would require administrator rights on the specific machines.
Now, afterwards he wants us to be able to do the installation WITHOUT administrator rights.
As far as I know, in order to enter registry keys on NT/2000
you must have those rights to insert registry keys and start
services. His defense is, "if trojans can do it, why can't you?" Am I right or wrong in this case?

 

[lfaustino]

Hello,

He is wrong, you are right. In fact one of the reasons, a network administrator should only use an administrator account for administrator tasks and not on a daily basis, is exactly this, if the user does not have rights to certain files they will not get infected, and if a user has no access to the registry no trojan will write to it.

Hope this helps. Luis Faustino
IS/IT Consultant

http://www.lf-consulting.com

info@lf-consulting.com

 

[ivanovitchi]

Well if your Client is so big get him to bloody do it!!!!
People like that want want want but will they give give give?

You tell your client don't get involved in matters he does not know about "dick head"

Have a nice day ;-)