Home > Uncategorized > Quick Primer: LocalSystem account security context

Quick Primer: LocalSystem account security context

Here are some links that discuss the LocalSystem account and it’s privileges and security context:

Here’s a list of the privileges that are enabled to the LocalSystems account:

SE_AUDIT_NAME (enabled): Generate security audits.
SE_CHANGE_NOTIFY_NAME (enabled): Bypass traverse checking.
SE_CREATE_GLOBAL_NAME (enabled): Create global objects.
SE_CREATE_PAGEFILE_NAME (enabled): Create a pagefile.
SE_CREATE_PERMANENT_NAME (enabled): Create permanent shared objects.
SE_DEBUG_NAME (enabled): Debug programs.
SE_IMPERSONATE_NAME (enabled): Impersonate a client after authentication.
SE_INC_BASE_PRIORITY_NAME (enabled): Increase scheduling priority.
SE_LOCK_MEMORY_NAME (enabled): Lock pages in memory.
SE_PROF_SINGLE_PROCESS_NAME (enabled): Profile single process.
SE_TCB_NAME (enabled): Act as part of the operating system.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: