[ajug-members] Do Developers need Administrator rights

Dean H. Saxe dean at fullfrontalnerdity.com
Thu Dec 21 11:01:02 EST 2006 

Developers should not develop code under any administrative account.   
This is designed to force the implementation of the principle of  
least privilege for your code.  Your code should be able to run under  
a low privileged account, if admin privileges are required this  
forces you to use impersonation and, hopefully, you limit the scope  
of impersonation to the smallest possible block of code which needs  
the increased privilege level.

Now, do I as a developer need admin rights?  I see the argument from  
both sides.  However, full admin rights are not generally needed.   
Network admins can assign specific user rights to developers to allow  
them more flexibility, but full admin rights on the local box are  
often not needed.

And while you can't do sudo on Windows, you can use runas to  
impersonate another user.

-dhs


Dean H. Saxe, CISSP, CEH
dean at fullfrontalnerdity.com
"I have always strenuously supported the right of every man to his  
own opinion, however different that opinion might be to mine. He who  
denies another this right makes a slave of himself to his present  
opinion, because he precludes himself the right of changing it."
     -- Thomas Paine, 1783


On Dec 21, 2006, at 10:44 AM, <tooger at bellsouth.net>  
<tooger at bellsouth.net> wrote:

> Fellow Developers
>
> I need your input on the topic of administrator priveleges. The  
> public network is a dangerous place. To protect the interests of  
> the business, a network administrator has to put in place  
> significant defenses. One of these defenses is to impose a policy  
> that restricts a user from installing whatever they want onto their  
> desktop/laptop.
>
> In the Windows world, this typically means that the user has no  
> administrator priveleges. This policy works well for the typical  
> user and certainly prevents them from installing all sorts of  
> rubbish on their corporate desktop exposing the business in many  
> different ways. The larger the company, the greater the risk, the  
> more restrictive the policy. I have found though that this policy  
> doesn't work too well for Developers (or is it just me).
>
> Developers need to be able to install versions of tools and  
> products at will. At times, they may need to have access to the  
> registry. They may need to install and run desktop editions of some  
> pretty advanced software e.g. Oracle XE or SQL Server 2005 Express  
> as part of building their development environment. Trying to do our  
> jobs without Administrator priveleges is like being forced to paint  
> a room with a toothbrush and your hands tied behind your back. (Of  
> course, I would say the Windows security model is the root issue -  
> can I do sudo in Windows?)
>
> However, I also recognise the need for a network administrator to  
> secure the network.
>
> What is the solution to providing a flexible development  
> environment for developers without exposing the network? One  
> solution may be to have a dedicated development network separate to  
> the corporate network. What are your thoughts on this solution?  
> What about other solutions (virtual environments)? How do you cope  
> with such restrictive policies (personally, I've had to resort to  
> using my own laptop and private network at work)?
>
> Jason
>
> _______________________________________________
> ajug-members mailing list
> ajug-members at ajug.org
> http://www.ajug.org/mailman/listinfo/ajug-members
>

More information about the ajug-members mailing list