SAFER security levels

Reading Michael Howards blog, I saw an article about safer browsing using software restriction policies.

Browsing the Web and Reading E-mail Safely as an Administrator, Part 2

He mentions there are 3 security levels that are not normally displayed in the Group Policy Editor

Unfortunately he only tells us the value to get Basic User to display, so I have added the others below.

Values

0x10000 - Constrained (also named Restricted)

0x20000 - Normal User (also named Basic User)

0x01000 - Untrusted

0x31000 - to get all 3

Copy the text below to make a reg file

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"Levels"=dword:00031000

Published Sunday, January 23, 2005 12:42 PM by Mark Dormer

Filed under: Security

Comments

Sunday, January 30, 2005 12:08 PM by Mark Dormer

# re: SAFER security levels

Microsoft have documented it.
The day after I posted them, by the way, I found them via investigation, not from anyone telling me.

http://msdn.microsoft.com/library/en-us/secmgmt/security/safercreatelevel.asp

Monday, January 31, 2005 4:29 AM by Mark Dormer

# re:

sorry but this is comment spam from a fellow MVP.
it was posted by an automated bot i wrote.
it uses AI to beat the CAPTCHA test.
i have written an article about it here.
http://www.brains-N-brawn.com/aiCAPTCHA

Mark Dormer

This Blog

Syndication

Search

News

Community

Windows XP Links

My Links

Blogs I read

Links

Tablet PC

Media Center

Windows 9x

Tags

Email Notifications

Recent Posts

Archives