Last week, I provided an overview of the security zones built into Internet Explorer 6 -- and making their way into other Microsoft products -- as well as their default security settings. In that discussion, I mentioned the security templates that provide the default settings for each zone.
The template includes a set of about 22 settings, including "URL action flags" such as URLACTION_ACTIVEX_RUN, which manages the execution of ActiveX Controls and plug-ins from HTML pages in the zone, and URLACTION_SCRIPT_PASTE, which determines if scripts can do paste operations. With each new version of IE, Microsoft adds to the list and fine-tunes the combination of settings to protect against the attacks currently in vogue.
The settings for each template are stored in the registry at these keys: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies Not surprisingly, Microsoft cautions against relying on these locations or value names because they may change in future versions of IE and Windows. The default settings are under the HKEY_LOCAL_MACHINE key, and any changes the user makes are saved in the HKEY_CURRENT_USER as overriding values. Surprisingly, the registry keys have no special permission settings, including the default Users group, meaning that by default any user can change those default values. That seems like a security hole, but I haven't yet explored the implications. The templates are closely aligned with the security zones I covered last week. By associating a site with a zone, it picks up the settings for the template as modified by the user.
The High template is for zones with Web sites that could cause damage to your computer or data. The settings used by this template will restrict sites from doing potentially damaging operations, such as running code or installing ActiveX controls.
The Medium template is the middle ground between safety and convenience, prompting the user for a decision about potentially unsafe content. This means that it is generally annoying for the user, but lets them get at content they want.
The Medium-Low template loosens a few settings compared to the Medium template, with the effect that the user is prompted for a decision less often and are automatically given access to slightly riskier sites.
The Low template is used for URL security zones that contain Web sites that are fully trusted by the user. All but the most blatantly risky actions are allowed, a setting that Microsoft doesn't recommend.
Next week, I'll continue this discussion with a look at the COM interfaces you can use to hook into these security features.