Windows Vista Tips

Windows Vista Tips > Newsgroups > Windows Vista Security > Trusted Installer

Reply
Thread Tools Display Modes

Trusted Installer

 
 
KWilson
Guest
Posts: n/a

 
      08-24-2007
Why is Trusted Installer the owner of my C drive? And who is
TrustedInstaller, which is the way it is spelled on the Advanced Security
Settings for Local Disk (C under the Owner tab?
 
Reply With Quote
 
 
 
 
indivmed2008
Guest
Posts: n/a

 
      11-24-2007
I have the same question--and am having the same issues! I did a search in
the registry from 'trustedinstaller' and did find a few entries, but I don't
remember seeing this term ever used on Windows systems for security group
purposes...


"KWilson" wrote:

> Why is Trusted Installer the owner of my C drive? And who is
> TrustedInstaller, which is the way it is spelled on the Advanced Security
> Settings for Local Disk (C under the Owner tab?

 
Reply With Quote
 
 
 
 
Jacee
Guest
Posts: n/a

 
      11-24-2007

> trustedinstaller is an integral part of Windows Vista.
> This will affect all servicing so the ability to install all o
> updates
> including security updates may not be available, the ability to change
> optional components may not work, or to add or remove OS related
> components..
> Thanks,
> Darrell Gorter[MSFT]


It's best to leave this alone :

--
Jace

*MS-MVP Windows-Security 2006 & 2007
Posted via http://www.vistaheads.co

 
Reply With Quote
 
Darrell Gorter[MSFT]
Guest
Posts: n/a

 
      11-29-2007
Hello,
This is part of the new ACLS to help improve security in Windows Vista

From this link below: I am posting a couple of paragraphs that talk about
Trusted Installer:

http://www.microsoft.com/technet/tec...L/default.aspx

Trusted Installer The Trusted Installer is actually a service, not a user,
even though you see permissions granted to it all over the file system.
Service hardening allows each service to be treated as a full-fledged
security principal that can be assigned permissions just like any other
user. For an overview of this feature, see the January 2007 issue of
TechNet Magazine. The book Windows Vista Security (Grimes and Johansson,
Wiley Press, 2007) explores service hardening in detail, including how it
is leveraged by other features, such as the firewall and IPsec.

Trusted Installer In Windows Vista, most of the OS files are owned by the
TrustedInstaller SID, and only that SID has full control over them. This is
part of the system integrity work that went into Windows Vista, and is
meant specifically to prevent a process that is running as an administrator
or Local System from automatically replacing the files. In order to delete
an operating system file, you thus need to take ownership of the file and
then add an ACE on it that lets you delete it. This provides a thin layer
of protection against a process that is running as LocalSystem and has a
System integrity label; a process that has lower integrity is not supposed
to be able to elevate itself to change ownership. Some services, for
instance, can run with medium integrity, even though they are running as
Local System. Such services cannot replace system files so an exploit that
takes over one of them can’t replace operating system files, making it a
bit harder to install a rootkit or other malware on the system. It also
becomes more difficult for system administrators who are offended by the
mere presence of some system binary to remove that binary.




Thanks,
Darrell Gorter[MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights
--------------------
|> From: Jacee <>
|> Subject: Re: Trusted Installer
|> Date: Sat, 24 Nov 2007 22:12:23 +0000
|> Message-ID: <>
|> Organization: Vistaheads Windows Vista Community
|> User-Agent: vBulletin USENET gateway
|> X-Newsreader: vBulletin USENET gateway
|> X-Originating-IP: 12.73.26.107
|> References: <57375AB4-4CBD-4AE8-B968->
<5648F33C-9854-40FC-8912->
|> Newsgroups: microsoft.public.windows.vista.security
|> NNTP-Posting-Host: violet.webhostingireland.ie 81.17.241.50
|> Lines: 1
|> Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSF TNGP05.phx.gbl
|> Xref: TK2MSFTNGHUB02.phx.gbl
microsoft.public.windows.vista.security:10905
|> X-Tomcat-NG: microsoft.public.windows.vista.security
|>
|>
> trustedinstaller is an integral part of Windows Vista.

|> > This will affect all servicing so the ability to install all os
> updates

|> > including security updates may not be available, the ability to change
|> > optional components may not work, or to add or remove OS related
|> > components..
|> > Thanks,
|> > Darrell Gorter[MSFT]
|>
|> It's best to leave this alone


--
Jacee

*MS-MVP Windows-Security 2006 & 2007*
Posted via http://www.vistaheads.com

|>

 
Reply With Quote
 
jotaene
Guest
Posts: n/a

 
      01-17-2009

|> > components.

|> > Thanks
|> > Darrell Gorter[MSFT
|
|> It's best to leave this alone :

-
Jace

*MS-MVP Windows-Security 2006 & 2007
Posted via http://www.vistaheads.co

|
Actually there is a way around. Found it after testing a free softwar
that left one file in /windows/system32 after uninstalling the program
Left other crap in the registry also, which could be removed manually
I did the following
- right click over the file
- go to propierties of xxx.dll (or whatsoever), select security ta
- advanced options ta
- owner ta
-edi
- mark your username NNN which shuld be in the lower lis
- set as new owner in the lis
- close the windows that opene
- right click on the file agai
- click propiertie
- point to your username NN
- now you can change the propierties, beeing able to set write, delete
etc

Just tried (just for checking) with another file (a MS .dll file), worke
OK too
I use the spanish Vista version, tab names were translated, some ta
names could be different in english

jotaen

--
jotaen
Posted via http://www.vistaheads.co

 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
mailto not trusted even when click from trusted site with IE7 & Vi Eric Windows Vista Mail 11 06-03-2008 06:01 PM
mailto not trusted even when click from trusted site with IE7 & Vi Eric Windows Vista General Discussion 7 05-05-2007 05:27 PM
mailto not trusted even when click from trusted site with IE7 & Vi Eric Internet Explorer 8 05-05-2007 05:27 PM
GPO for IE Trusted Sites, plus preserve users' existing trusted si TimS Active Directory 4 11-16-2005 03:39 PM
Enabling VPN with Trusted Computing Group Trusted Platform Modules Andreas Kuhn Active Directory 0 05-14-2004 03:26 PM