UAC Virtualization

[sablefoxx]

Been running the beta of Windows 7 for a couple days and i noticed that in the Task Manager, when you right click on a process there is now an option called "UAC Virtualization", does anyone know what this does? I did some Googling but i could only find information on Vista, i also noticed that they finally added "Open File Location" and "Go to Service(s)" to the right click menu by default (yay!).

[Kahoona]

First post ever on the forums! Yay!

The UAC stands for User Account Control.

Basically, UAC virtualization makes it possible for users to run applications that normally require administrative access. It achieves this by creating (and storing) virtual copies of areas such as system32, program files or even registry areas such as HKLM\Software. So when an application requests access to those system protected areas, UAC virtualization redirects those requests to the virtualized versions located in the user's profile.

For more info check out:

http://www.windowsecurity.com/articles/Pro...tion-Part1.html

Hope that makes sense. I just started testing Windows 7 at work. I'll share some of the interesting things found in a later post.

[digip]

Sandboxing would be a nice feature out of the box. Especially if something gets hosed, you could just reset it to the original state or delete and create a new one. I use Sandboxie to do this in XP, but if they added a feature like that to the OS, it would greatly improve saftey to the OS and applications from getting infected. They should have a permanent "ready state" like browser that lets you do whatever you want, downlaod whatever you want, etc, malware, virii, and never let it leave the sandbox so you can kil lit and reset it at any point in time.

[Kahoona]

I took a quick look at Sandboxie (I had never heard of it). I'm gonna give it a whirl because it looks interesting.

Up to this point, I isolate my dev testing within virtual machines (fan of VMWare workstation but I've used VirtualBox and MS Virtual PC). The original post reminded me of something I read; supposedly Windows 7 would add native support for VHD, which potentially could provide a sandbox (a bit more overhead in comparison to how Sandboxie appears to work).

I forgot to mention VMWare ThinApp (http://www.vmware.com/products/thinapp/). It allows applications to be virtualized rather than an entire OS. I"ve used it to create standalone packages of IE7 and I've seen it used to create standalone packages of Office 2007. It's pretty slick but has a bit of a pricetag. I know Matt is a big fan of VMWare products (he's mentioned them in a number of episodes) so I'm curious if he has mentioned ThinApp in the past. I'll have to check out more of the previous seasons to follow-up.

[sablefoxx]

I love Sandboxie, but they'll probably never be a 64-bit version due to the Kernel protection built into Windows Vista/7, it'd be awesome to something as robust as Sandboxie built into the OS.

Yeah, lol, Thinstall (just recently renamed to "thinapp") is very useful (kinda an old post) http://hak5.org/forums/index.php?showtopic...mp;hl=Thinstall