Commands from Fast Path

CNCOneWorld

Active Member
I am looking for a white paper or best practice on how to secure windows commands from being executed from the fast path for users on citrix. I know JDE security you can do a per command exclude however there are many .exe that can do a lot of damage. Thanks in advance.
 
I have never seen a white paper on it. But what we do here is control it by a policy. Check tit out by searching Windows Policy, or even just going out and creating one. We have an older one from Windows NT that has a list of "approved" exe's that can be run. Windows 2000 policy's allow you to exclude ones you do not want ran.

Nick
 
All .exe fast path commands are stored in in the Fast path UDC table. You
could potentially use security to lock those record down.

Just a thought.
----- Original Message -----
From: "CNCOneWorld" <[email protected]>
To: <[email protected]>
Sent: Wednesday, July 30, 2003 1:22 PM
Subject: Commands from Fast Path


commands from being executed from the fast path for users on citrix. I know
JDE security you can do a per command exclude however there are many .exe
that can do a lot of damage. Thanks in advance.
 
Not really: in OEXPLORE you can run things like "cmd" and "explorer".

One alternative to policies is NTFS security, another - use Solution Explorer, it does not allow to run windows commands.

Regards,
Alex.
 
AFAIK, on citrix there is an option that the user just can launch the published application and nothing else, may be this option can give you what you want.
 
Back
Top