limited account should be more secure, but...

I’m using XP sp3 and CIS v4.0 beta
i’m using sudo implementation 2.2, which switches user down to an limited account (like UAC for XP)

and here is the link :
I think limited account mode should be more secure than admimistrative mode…

but i get a strange result when i ran a comodo leaktest.
this is the result when i test it in administrative mode.

330/340, except the “coat” test.

but when i run it again with limited mode, i get a worse result:

260/340, strange, isn’t it?

does leaktest have a bug?
Can someone explain why this happens?
I attach the leaktest log file.


[attachment deleted by admin]

I got an answer, but the problem still remains.

I unchecked this part and i got an “obtaining privilege” alert and got a less poor result.
but one problem still exists - why “ExplorerAsParent” test still fails?

and at last here is the description

23. Impersonation: ExplorerAsParent
What does it do ? Tries use explorer.exe to connect to the Internet.
What is the risk ? Firewalls may miss the real applications behind the internet connection requests.


[attachment deleted by admin]

A bit off topic, but you should probably consider switching to SuRun. It might cause complications though, given you are already using SuDown.

Here’s some information about SuRun:

If you do go down the SuRun pathway (it works perfectly for me by the way), there is only one change I would make of how to implement it. Most web-sites and information on the web recommend to create an administrator account and then strip it down to a limited account with SuRun.

However, it’s best to create a fresh/new limited account and then use SuRun with it to elevate processes to administrator level as required.

whopps :o :o :o :o
so SuDown has some vulnerabilities.
thank you for your advice and i should switch to suRun.

actually i use tweaked SuDown (with source, i love open source 8) )

[attachment deleted by admin]

:-TU got interested

I switched to surun and got a 100% protected result :smiley:

[attachment deleted by admin]

It seems that we don’t need any UAC like software if we install CIS v4.

CIS v4 automatically reduces programs’ rights to limited mode, and asks user if the program requests privilege.

what we need to do is install CIS and logon to limited account, that’s all.

:comodo110: :comodo110: :comodo110:

(what a poor english ???)