Change user access one app at a time

By Scott Dunn

In the “last issue, I explained how to use XP without administrator rights to simulate the safety offered by Vista’s User Account Control.

Readers responded with their own tools and tricks to stop programs from gaining full (and therefore risky) access to your system.

Free software lets you limit user access

Some people find it onerous to run Windows as anything but an administrator. For those people, reader Scott Beatty has a suggestion:

  • “My favorite way to avoid running selected programs, such as browsers and e-mail clients, with admin rights is to use the Sysinternals program PsExec. I add the following string to the front of the Target for the icon that launches the program that I want to limit.”

    “c:windowssystem32psexec.exe” -l -d

PsExec is part of the free PsTools collection, which you can download from Microsoft’s TechNet site. (The original developer, Sysinternals, was recently acquired by Microsoft.)

Although it was intended for launching programs on remote computers, you can use the command-line switches Beatty recommends to run any app as a limited user. The -L switch limits the application’s privileges. The -D switch makes the command window disappear as soon as the program is launched.

For example, to implement Beatty’s tip for Internet Explorer, follow these steps:

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



= Paid content

All Windows Secrets articles posted on 2007-08-09: