Originally Posted By: CtrlAltDel
to Darwin_Koala also:
I do not allow users "free access to the C:\programs" folders ..
Originally Posted By: CtrlAltDel
they have free access to their own folder
why? An attacker gets an entire directory tree that they can write to, making possible compromisations slightly more difficult to find. Think about it: 7 installs, 4 or 5 directories each... 28-35 directories to search for files that may very well be hidden as .mp3 or even .dll files (not to mention the countless other directories that are within the users home dir). Heck they may even modify the .exe file so you can't load mIRC in Admin, or your entire system is bunked!
Originally Posted By: CtrlAltDel
(... As for updating, I install to the C:\mircversion folder (example: c:\mirc635) and simply copy/paste the new .exe file and help files (as necessary).
You are doing alot more work than I do. Simply install the new mIRC straight over the top.
Originally Posted By: CtrlAltDel
I fail to see how this is "bad practice" ..
The practice of installing separate copies for each user isn't a bad one, though it can be quite wasteful (particularly if you're talking about Microsoft Word). Failure to notice a serious compromise is a bad practice.
Originally Posted By: CtrlAltDel
... If they were in "one install" the scripts would be available for everyone which in MY opinion would be a security risk since I personally use scripts that the others have no business even seeing.
Not if you go through the trouble of setting up the user accounts in the control panel. If you have solely restricted account using mIRC, they shouldn't be able to modify the program files directory, so they'll save all of their data (.ini, scripts, downloads, etc) into their userdir. They won't be able to access each others scripts, or modify mIRCs core files (do not confuse with mIRCs settings files, which would be stored in the user's home dir somewhere).

Last edited by s00p; 20/11/09 10:52 PM.