VMware THIN4-CL-C Getting Started Guide - Page 13

User Mode, Improved Security in User Mode

Page 13 highlights

Introduction to VMware ThinApp

User Mode

VMware ThinApp uses user mode for application virtualization. User mode maintains system security, stability, and usability.

Windows runs all code in one of two modes, user mode and kernel mode (also referred to as Ring3 and Ring0 respectively). The two modes reflect two different security models that are enforced directly by your Intel or AMD processor. Code running in kernel mode has full machine access with no security controls. For example, your code can write to raw device ports, intercept and filter system-wide file system activity, read and write machine-wide process and kernel memory, and access any kernel or process objects without regard for security descriptors. Kernel mode code is either a device driver or the Windows kernel itself.

User mode is the mode in which all applications run. User mode has strict security policies applied at all times. User mode code cannot do anything to a machine that directly causes it to fail or violate applied security policies. For example, user mode code cannot access files owned by other users unless file system permissions allow it. User mode code cannot make network connections unless the group security policy enables it to do so. Any 80386 (Pentium+) and higher processors enforce a specific security policy on user mode applications by prohibiting them from executing instructions that talk to device ports directly, preventing access to memory in other processes, and by preventing execution of kernel mode without first going through specific controlled entry points.

For user mode code, Windows supports many different sets of user accounts that are based on security policies. For example, administrator and guest accounts are user-based security policies. Administrators typically have nearly full permission to access any system objects they want, while guests are restricted and cannot read other users' files or write to global locations on a machine.

Both administrators and guests run applications in user mode, but switch to kernel mode when making system calls to access objects. Kernel-mode code verifies security descriptors to check if users have access to the objects they request.

User mode enables ThinApp to do the following:

  • ThinApp can run applications on locked-down PCs without administrator rights. This means remote users can execute applications on kiosk and hotel PCs where they are not able to install software or device drivers.
  • ThinApp can run applications directly from USB flash devices and various portable storage. Because ThinApp can be loaded without a client component, you can use a packaged application on any PC or network share.
  • ThinApp operates with all system-level software and does not conflict with device drivers.

Improved Security in User Mode

Software applications typically have bugs that create potential security problems. For example, Internet Explorer can be used to force machines with Internet access to execute code using an HTML email or redirecting page views to specific Web sites.

With Windows Vista, Microsoft runs Internet Explorer from a separate user account that has limited security rights. Because of this, a compromised Internet Explorer account cannot do anything to the rest of the machine. This solution is possible because Internet Explorer runs in user mode.

Because ThinApp runs in user mode, any bug or vulnerability presents no additional risk to the rest of the system because all ThinApp code is running in user mode in the same security context as the application. Other solutions use device drivers and run significant amounts of kernel-mode code. If these solutions are compromised, you can lose full control over your machine. User mode code can be walled off using user accounts but kernel-mode code cannot.

Because ThinApp runs in user mode, it has the same rights and permissions as any other application a specific user has. ThinApp cannot exceed the security rights of the user account it is running in because it has no device drivers or components running in kernel mode.
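
The security descriptor check that kernel-mode code performs on behalf of user-mode callers, as an added example that is not part of the VMware guide: a simplified Python model of evaluating an object's access control list against the caller's token. The account names, right bits and sample objects are constructed, and the model leaves out inheritance, privileges, ownership and integrity levels.

```python
from dataclasses import dataclass

READ, WRITE = 0x1, 0x2          # constructed access-right bits

@dataclass(frozen=True)
class Ace:
    kind: str                   # "allow" or "deny"
    sid: str                    # user or group the entry applies to
    mask: int                   # rights the entry allows or denies

@dataclass(frozen=True)
class Token:
    user: str
    groups: frozenset

    def sids(self):
        return self.groups | {self.user}

def access_check(token, dacl, desired):
    """Return True only if every right in `desired` is granted to the token."""
    if dacl is None:            # NULL DACL: the object is unprotected
        return True
    remaining = desired
    for ace in dacl:            # entries are evaluated in stored order
        if ace.sid not in token.sids():
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False        # a right still needed is explicitly denied
        if ace.kind == "allow":
            remaining &= ~ace.mask
            if remaining == 0:
                return True
    return False                # rights no entry granted are denied

# Constructed tokens and objects mirroring the administrator/guest example.
ADMIN = Token("alice", frozenset({"Administrators", "Users"}))
GUEST = Token("guest", frozenset({"Guests"}))
BOB_FILE = [Ace("allow", "bob", READ | WRITE),
            Ace("allow", "Administrators", READ | WRITE)]
GLOBAL_DIR = [Ace("deny", "Guests", WRITE),
              Ace("allow", "Administrators", READ | WRITE),
              Ace("allow", "Guests", READ)]

if __name__ == "__main__":
    for name, tok in (("admin", ADMIN), ("guest", GUEST)):
        print(name, "read bob's file:", access_check(tok, BOB_FILE, READ),
              "| write global dir:", access_check(tok, GLOBAL_DIR, WRITE))
```

The decision depends only on the token and the object's access control list, so in this model a user-mode program gets exactly the access its user account has.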

