Secure Runner

Step-By-Step instructions for using Secure-Runner


Important Security note
Secure-Runner recognizes allowed programs by their full path (e.g. C:\Program files\SomeVendor\SomeProgram.exe). Malicious user or program could replace an allowed program with any other program and then have it executed with administrator rights. Limited users should not be able to overwrite any of the allowed programs. This is automatically true for programs installed in Program Files where limited users have only read access but if you allow users to run some program located in different place than the Program Files or Windows folder, make sure you set the access rights for the user or Users group so that they can only read and execute from this folder. 



Why I have to enter the password for administrator?
Every program which is started in Windows is given a set of rights which define what the program is allowed to do (for example, if it can write to system folders on the disk, access computer hardware etc.). However, these rights are not defined for each program but rather for each person who has user account on the computer. After all, each program is started by some user (except for special system programs), so each program receives the rights of the user who started it. 

For example, if you have user account "John" on your computer and this account is of the "Limited user" type, every program started by John has John's limited rights - e.g. it cannot write into system folders. This is problem for some programs which were designed with the assumption that they will run with full access to the computer and if they do not have this access they crash or do not work properly. A way around this is to start such a program as a different user. This is possible in Windows. Any user can start any program with privileges of another user provided he/she knows the name and password of this user. So if John knows the password for Administrator account on the computer, he can start any program as administrator. But assume you do not want John to know the Administrator password, yet you want him to be able to start the program with Administrator rights. This is Secure-Runner's job. It takes responsibility for remembering the password instead of John and providing it to Windows when John needs to start the program. When you enter the name and password for some administrator account on your computer, Secure-Runner saves this password and "auto-fills" it when needed. 


[Home] [Secure Runner home]