Saturday, April 21, 2007

Running Internet explorer in a secured account

We all know the security pitfalls that exist in Windows XP's default configuration.
One solution which is widely recommended is to set a new account which is not the default administrator account, and use it for day to day activities.
As a developer I like the freedom I get from administrator privileges, and I don't want to sacrifice comfort for security.

However, surfing the web may still expose me to dangers, so I decided to set up a limited account for IE.

First I created a new user under the "users" group.
After I created a new shortcut for IE, I went into "properties" and modified the "target" text box:
C:\WINDOWS\system32\runas.exe /user:NewUser /savecred "C:\Program Files\Internet Explorer\IEXPLORE.EXE"

The only downside of this is that you lose all existing configuration data for IE.
And I can still run IE in my admin account whenever I like to.

No comments: