Comments on: Triggering programs from a web page

Question: Triggering programs from a web page

twine42 — Tue, 25 Oct 2005 01:29:32 -0800

Launching programs from a web page without meeting a "save/run" box.

Yes, I know this is a bad idea, but I want to switch my windows desktop to an active desktop with clicky links to trigger programs. Traditionally this means a save/run box appearing but I recall that activex controls can trigger cd-rom drives to eject, so I'm wondering if the same thing can trigger programs and files. Anyone any ideas how?

[Yes, I know the security implications, but this is a firewalled, virus checked machine that never uses IE for external connections and will be running a webpage from an on-machine webserver...]

By: alexst

alexst — Tue, 25 Oct 2005 01:53:19 -0800

Well if you wired up some sort of fun ActiveX control to launch programs from your Active Desktop it'd probably work. I don't think it's possible by default to do this from an Active Desktop though.

By: slater

slater — Tue, 25 Oct 2005 02:03:51 -0800

Isn't there a pref in IE to switch that off?

Or a check box in the "OMFG are you sure you want to run this?" window that sez something like "Stop asking me this"?

By: Rhomboid

Rhomboid — Tue, 25 Oct 2005 03:17:29 -0800

You should be able to just go into the Internet Options and adjust the settings for the "Local Computer" zone so that you can run executables without being prompted. I don't think this would require ActiveX or anything.

Just put a check in the "Pants down!" box. (just kidding...)

By: eriko

eriko — Tue, 25 Oct 2005 04:21:01 -0800

Yes, you can choose to trust all controls running on the local computers. It's also a fast way to get P@WNED!1!, since if you accidentally download a nasty applet, then run it, it runs as you.

Better to create the applets, sign them with a key you generate, then trust just applets signed with that key, rather than all applets run from your local computer.

Finally: There's an ironclad rule in Unix: Do Not Run As Root. It applies to Windows as well. Do Not Run As Administrator. Cut your privs back, and only wheel up (or better, use RunAs/sudo) when you really need to.

The less privs something has, the less damage it can do. You get a bum applet running under the "Act as a part of the operating system" priv, you can lose everything. Happens running under a limited user context, and the harm it can do is much less. That's why local exploits matter -- it would let an applet running under a user context to gain administrative context, and then comprimise the computer.