Patents Assigned to AVECTO LIMITED
-
Patent number: 11379622
Abstract: A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from a RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges and if permitted, delegates the second privileges to the command, and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.
Type: Grant
Filed: January 28, 2019
Date of Patent: July 5, 2022
Assignee: AVECTO LIMITED
Inventors: John Goodridge, Thomas Couser
-
Patent number: 11062055
Abstract: A computer device and method for managing privilege delegation to control execution of commands on files on the computer device is described. An agent plugin intercepts a request in a user account of a logged-in user to execute a command therein on a file having first privileges assigned thereto, wherein the agent plugin is provided for the file. The agent plugin obtains information related to the request and forwards the information to an agent service cooperating with an operating system of the computer device. The agent service determines whether to execute the command on the file in the user account according to second privileges different from the first privileges. The agent service launches an agent proxy process having the second privileges assigned thereto by the agent service if it is determined to execute the command on the file in the user account according to the second privileges.
Type: Grant
Filed: September 26, 2018
Date of Patent: July 13, 2021
Assignee: AVECTO LIMITED
Inventor: John Goodridge
-
Patent number: 10983845
Abstract: An application control system (ACS) in a computer device intercepts a request to launch a requested application by a calling process, and determines, based on the requested application, that user interaction is required before launch. In response, the ACS establishes whether or not the calling process is associated with a controlling terminal and, if so, performs the user interactions using that controlling terminal. Where the user interactions are successful then the intended application is permitted to launch or, conversely, the intended application may be denied. Other solutions are provided in the event that the calling process is not associated with the controlling terminal.
Type: Grant
Filed: September 10, 2019
Date of Patent: April 20, 2021
Assignee: AVECTO LIMITED
Inventors: Paul Thexton, Steven Joruk, Simon Fradkin
-
Patent number: 10963237
Abstract: A policy can be consulted to determine an action to take when a disc image is mounted. The action to take can be based on the contents of an application program stored on the disc image. A notification can be received responsive to a user request to mount the disc image. Based on the determined action to take as specified by the policy, the application program can be installed using the privileges of the agent without changing the privileges of an account of a current user.
Type: Grant
Filed: April 24, 2020
Date of Patent: March 30, 2021
Assignee: AVECTO LIMITED
Inventor: Simon Jonathan Fradkin
-
Patent number: 10963557
Abstract: There is described a computer device, including at least a processor and a memory, configured to control process components on the computer device, the computer device comprising: an operating system, a privilege access management service cooperating with the operating system and an agent; wherein the agent is configured to: intercept a request to instantiate a new process component in a user account of a logged-in user, wherein the request originates from an instance of a particular process component amongst a set of process components and wherein the user account has assigned thereto default user privileges by the privilege access management service; determine whether to permit the intercepted request including by: validating a relationship between the new process component and the particular process component; and establishing a set of identified owners by identifying owners of the new process component, the particular process and any parents thereof; permit the intercepted request if the relationship is v
Type: Grant
Filed: September 7, 2018
Date of Patent: March 30, 2021
Assignee: AVECTO LIMITED
Inventors: John Goodridge, Thomas Couser, James William Maude
-
Patent number: 10649755
Abstract: A user account that does not have administrator privileges may request mounting of a disk image prior to installing a new application. An agent, registered with operating system, receives notification and determines whether or not to allow mounting of the disk image. If so, the agent causes the disk image to be mounted by the operating system. The agent examines the mounted disk image to detect an application bundle. The agent determines whether or not to proceed with installation of the application bundle and, if so, then causes the application bundle to be copied to a privileged system location, thereby installing the application on the computer device.
Type: Grant
Filed: August 30, 2018
Date of Patent: May 12, 2020
Assignee: AVECTO LIMITED
Inventor: Simon Jonathan Fradkin
-
Patent number: 10102371
Abstract: A computer device and respective method provides a primary clipboard accessible from a primary user account, while a sandbox is used to isolate and contain a secondary user account. A secondary clipboard is provisioned and associated with the secondary user account. The computer device, via an agent, intercepts requests from the secondary user account such as for cut, copy or paste type clipboard operations which are ordinarily directed toward the primary clipboard, and satisfies those clipboard operation requests instead by using the secondary clipboard.
Type: Grant
Filed: April 13, 2016
Date of Patent: October 16, 2018
Assignee: AVECTO LIMITED
Inventors: Mark James Austin, Belaid Bezzaa
-
Patent number: 9996703
Abstract: A computer system 300 contains an agent 303 which modifies the ordinary behaviour of a native security system 103, such as to allow security decisions with alternate granularity or an alternate set of access rights. The agent 303 intercepts authorisation requests made by applications 109 for resources 110 identified by URIs 111 and sends amended requests to the security system 103. An alternate authorisation mechanism 307 of the agent 303 is invoked by the security system 103, whereupon the agent 303 may selectively allow or deny the request according to the originally presented URI 111.
Type: Grant
Filed: May 18, 2016
Date of Patent: June 12, 2018
Assignee: AVECTO LIMITED
Inventors: John Goodridge, Simon Jonathan Fradkin
-
Patent number: 9749498
Abstract: Content files are isolated in a sandbox as a content isolation environment formed by a secondary user account. Printing is controlled by an agent via a staging file of a secure file type. The agent intercepts print requests (e.g. print start requests and print end requests) in a printing sub-system of an operating system in order to coordinate and securely control printing of the untrusted content file via the intermediate staging file.
Type: Grant
Filed: July 19, 2016
Date of Patent: August 29, 2017
Assignee: AVECTO LIMITED
Inventors: Mark James Austin, John Goodridge
-
Patent number: 9589131
Abstract: A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.
Type: Grant
Filed: May 26, 2015
Date of Patent: March 7, 2017
Assignee: AVECTO LIMITED
Inventor: Mark James Austin
-
Patent number: 9177237
Abstract: A computer system and method are provided to intercept a task from a primary user account 121 prior to execution of the task by the computer device 200, where the task relates to an untrusted content. A task isolation environment 350 is provisioned for executing the task, including programmatically creating a secondary user account 121b on the computer device. A local printer and/or a network printer which are connected to the primary user account 121 are discovered and automatically provisioned in the secondary user account 121b. Access to the or each printer 500 is controlled by an agent 300 on the computer device 200.
Type: Grant
Filed: October 21, 2014
Date of Patent: November 3, 2015
Assignee: AVECTO LIMITED
Inventors: Mark Austin, John Goodridge
-
Publication number: 20130061320
Abstract: A computer device provides an execution environment that supports a plurality of processes. A plurality of key resources are associated with a security application that may perform process elevation to grant privileged access rights to a user process. A security module controls access to the key resources using an access control list. An anti-tamper mechanism creates a protection group as a local security group and adds a deny access control entry to the access control list. The anti-tamper mechanism intercepts the user process and creates a revised access token identifying the user process as a member of the protection group. The security module matches the protection group in the revised access token of the user process against the deny access control entry in the access control list of the key resources thereby restricting access by the user process even though the user process otherwise has privileges to access those resources.
Type: Application
Filed: August 31, 2012
Publication date: March 7, 2013
Applicant: AVECTO LIMITED
Inventor: Mark James Austin