The differences between the user- and administrator-level privileges
- A computer account that has user-level privileges can be used to access email, browse the internet and run programs that the account is authorized to access.
- A computer account with administrator-level privileges can do all of the above, and also can be used to install software on the system and configure computer and network settings.
On the surface, it would seem that most people would opt for administrator-level privileges, if asked. But from a security standpoint, there are real concerns about performing day-to-day tasks with full administrative rights to your computer.
Why user-level accounts are more secure
The section on viruses and other forms of malware indicates that viruses run with the same privilege level as the logged-in user.
- If you are logged-in with administrator-level privileges and you inadvertently click on a virus-laden link or attachment while checking your email or surfing the Internet, the unleashed virus will be able to install software and do just about anything to your system and information.
- If you are logged-in with user-level privileges, the moment the virus tries to alter your configuration or install something on your system, you will be prompted for a system administrator's ID and password. Assuming you do not provide those credentials, the virus' activity cannot proceed any further.
But anti-virus software should stop the viruses, right?
Your up-to-date anti-virus/anti-malware software will stop most viruses but not all. Anti-virus/anti-malware software relies heavily on virus/malware "signatures", i.e., snippets of program code characteristic of that specific attack. Anti-virus/anti-malware vendors generally are configured to download new signatures daily.
With that in mind, say that you received your anti-virus/anti-malware signature file update at 8:00 AM today. A malicious individual might unleash a new virus at 10:00 AM, and send out spam with a link to download and activate the virus on the system of whoever clicks the link. Let's assume that this virus is not a simple variation of a known virus, but is brand new, so anti-virus/anti-malware software may not recognize the code as a virus. The vendor hears about the new virus at 11:00 AM and the vendor's staff begins to work on the signature. They finish their work at 5:00 PM and set up the signature for distribution. Your computer does what it always does - it downloads new signatures at 8:00 AM the next day. If you click on the link with administrator-level privileges any time between the time the virus was distributed to the time your software downloads the newest signature at 8:00 AM the next day, your system can be completely compromised. If you click on the link with user-level privileges, the virus' execution may be stopped before any damage is done.
What if you really need to run at the administrator-level?
Most users only need administrator-level privileges to install software or to alter a system configuration setting. Most of the time, users are checking e-mail, web browsing, running applications - all things that a person with user-level privileges can do. At times when administrator-level privileges are required on a University-owned computer, there are two options:
- For those who need administrator-level privileges on rare occasions to install software or configure settings, UCT Technical Services would be happy to install software or configure your system.
- For those who need administrator-level privileges on a regular basis and there is no reasonable alternative, UCT can set up your account on the specific computer that you need to manage with administrator-level privileges on a case-by-case basis. Please note that to obtain such privileges, you will need to submit a administrator-level privilege request form indicating why such privileges are required with your signature attesting that you have read and understand the additional risks. Contact the UCT Support Center at extension 2828 or at firstname.lastname@example.org for information regarding this form and procedure.
On your home computer, we recommend setting up two accounts - one with user-level privileges that you use for day-to-day e-mail and web browsing, and one with administrator-level privileges that you only use when you need to install or update your system's software. The minor inconvenience of having two accounts is far less of a problem than remediating the effects of an unleashed computer virus.