Control Panel
in [Customize Windows]
|
From: David on 12 Jan 2010 04:32 I run a day care center. Part of my program provides PCs with educational software for the children to use. The PCs are all XP/HOME SP3. The accounts available to the kids are all user access accounts with as few privleges as possible. Still, the more inventive kids seem able to make undesireaable system changes. What I want to know is whether or not I can restrict access to the Control Panel. I don't really care if the kids can see Control Panel. What I want is to prevent any user without administrative privleges from actually using the Control Panel. Is this possible?
From: MICROSOFT on 12 Jan 2010 14:26 A program called Deep Freeze will reset everything back to what it used to be upon restart I believe. Another option is to use something like Sandboxie. Deep Freeze might be better though. Sandboxie is a little hard to grasp for some people. > I run a day care center. Part of my program provides PCs with > educational software for the children to use. The PCs are all XP/HOME > SP3. The accounts available to the kids are all user access accounts > with as few privleges as possible. Still, the more inventive kids > seem able to make undesireaable system changes. > > What I want to know is whether or not I can restrict access to the > Control Panel. I don't really care if the kids can see Control Panel. > What I want is to prevent any user without administrative privleges > from actually using the Control Panel. Is this possible? >
From: Nepatsfan on 12 Jan 2010 14:50 <David> wrote in message news:64gok51cm2h1q44f0p6lm4ggon6g0qf8g6(a)4ax.com... >I run a day care center. Part of my program provides PCs with > educational software for the children to use. The PCs are all XP/HOME > SP3. The accounts available to the kids are all user access accounts > with as few privleges as possible. Still, the more inventive kids > seem able to make undesireaable system changes. > > What I want to know is whether or not I can restrict access to the > Control Panel. I don't really care if the kids can see Control Panel. > What I want is to prevent any user without administrative privleges > from actually using the Control Panel. Is this possible? > You might consider this program. Windows SteadyState http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx For more info on configuring Windows SteadyState, take a look at this web site. Windows SteadyState Manual http://download.microsoft.com/download/d/2/6/d261b347-2f03-4bcf-8240-8b7a66beef8a/Windows%20SteadyState%20Handbook.pdf Any other questions you have concerning the program should be posted to this web site. Windows SteadyState Forum http://forums.microsoft.com/WindowsToolsandUtilities/ShowForum.aspx?ForumID=1660&SiteID=69 Good luck Nepatsfan
From: David on 12 Jan 2010 15:35 Deep Freeze seems a good option. Thanks My office workstation has XP/PRO SP3. One difference between XP/PRO & XP/HOME allows me to see the security tab when right-clicking on a file & selecting Properties. I found an executable file c:\windows\system32\control.exe which apparently runs the Control Panel. Upon checking the security tab, I found SYSTEM & Admin accounts have full privileges. However USER accounts have Read & Read/Execute. What would happen if I removed Read/Execute from Control.exe for user accounts leaving only Read privilege? It seems at least that this would prevent USERs from using Control panel. If I did this, would there be any adverse consequences I have not thought of? How do I access the security tab on a XP/HOME machine? On Tue, 12 Jan 2010 13:26:00 -0600, MICROSOFT <blah(a)blah.blah> wrote: >A program called Deep Freeze will reset everything back to what it used to >be upon restart I believe. Another option is to use something like >Sandboxie. Deep Freeze might be better though. Sandboxie is a little >hard to grasp for some people. > >> I run a day care center. Part of my program provides PCs with >> educational software for the children to use. The PCs are all XP/HOME >> SP3. The accounts available to the kids are all user access accounts >> with as few privleges as possible. Still, the more inventive kids >> seem able to make undesireaable system changes. >> >> What I want to know is whether or not I can restrict access to the >> Control Panel. I don't really care if the kids can see Control Panel. >> What I want is to prevent any user without administrative privleges >> from actually using the Control Panel. Is this possible? >>
From: Tim Meddick on 12 Jan 2010 19:06 [re]Setting the file permissions on control.exe may have negative and unforeseen effects on the Window's Explorer shell and would not necessarily stop individual CPLs (Control Panel Extensions) from being opened. This is because in the right-click menu in explorer for [.cpl] files, there are two ways of opening ; one is "open with Control Panel" and yes, this would *not* work if you modified the permissions, as you said. But the other item "Explore" uses the system command : rundll32.exe shell32.dll,Control_RunDLL "%1" ....to open [.cpl] files and this *still* works (bypassing control.exe). So, if you did what you suggested - Control Panel would not show up in "My Computer" and would not be accessible but may also cause Explorer to crash. And, anyway, if the user looked in the system32 folder and right-clicked on a [.cpl] file it could still be opened by choosing "Explore". *([.cpl] files account for most of the items that show up in Control Panel) == Cheers, Tim Meddick, Peckham, London. :-) <David> wrote in message news:9kmpk5hvs3outkf21k38414lv2q7rg3g65(a)4ax.com... > Deep Freeze seems a good option. Thanks > > My office workstation has XP/PRO SP3. One difference between XP/PRO & > XP/HOME allows me to see the security tab when right-clicking on a > file & selecting Properties. > > I found an executable file c:\windows\system32\control.exe which > apparently runs the Control Panel. Upon checking the security tab, I > found SYSTEM & Admin accounts have full privileges. However USER > accounts have Read & Read/Execute. > > What would happen if I removed Read/Execute from Control.exe for user > accounts leaving only Read privilege? It seems at least that this > would prevent USERs from using Control panel. If I did this, would > there be any adverse consequences I have not thought of? > > How do I access the security tab on a XP/HOME machine? > > > > > On Tue, 12 Jan 2010 13:26:00 -0600, MICROSOFT <blah(a)blah.blah> wrote: > >>A program called Deep Freeze will reset everything back to what it used to >>be upon restart I believe. Another option is to use something like >>Sandboxie. Deep Freeze might be better though. Sandboxie is a little >>hard to grasp for some people. >> >>> I run a day care center. Part of my program provides PCs with >>> educational software for the children to use. The PCs are all XP/HOME >>> SP3. The accounts available to the kids are all user access accounts >>> with as few privleges as possible. Still, the more inventive kids >>> seem able to make undesireaable system changes. >>> >>> What I want to know is whether or not I can restrict access to the >>> Control Panel. I don't really care if the kids can see Control Panel. >>> What I want is to prevent any user without administrative privleges >>> from actually using the Control Panel. Is this possible? >>>
|
Next
|
Last
Pages: 1 2 3 4 Prev: Wow, the trolls are coming out of the woodwork again! Next: remove fragmented files |