Security considerations & recommendations for running SURunAs
The SURunAs (Smart Upgrade Run As Admin) utility is designed for users who need to install or upgrade Notes but do not have local workstation administrator privileges. Are there any security considerations for running this utility?
Resolving the problem
Before deploying the SURunAs utility, take the following requirements into consideration and plan for them:
(1) SURunAs requires a username and password so that Smart Upgrade can run as an account with administrative privileges to users' workstations.
(2) SURunAs uses a Windows API call that requires the account password to be passed in clear text.
Because of these requirements, IBM Lotus recommends that administrators create a generic user name and password for an OS profile to be used across workstations by SURunAs, and then remove that profile once the installs and upgrades are complete.
Note: An enhancement request to modify the design of SURunAs to work around the clear text password requirement has been submitted to Quality Engineering as SPR #JSTN84CSC7.
SPR #JSTN84CSC7 is fixed in Notes 8.5.3. Prior to this fix, SURunAs contained a security issue where passwords could be compromised because they were stored in plain text. In 8.5.3, SURunAs was completely rewritten and secured, including encryption of stored passwords.
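For the recommendation above to remove the generic profile once installs and upgrades are complete, the following is an added example (not IBM's or part of SURunAs) that reports on, and optionally removes, the temporary account and its on-disk profile on a workstation. The account name `SUTempAdmin` is a placeholder; the script assumes an elevated Windows PowerShell 5.1 or later session with the Microsoft.PowerShell.LocalAccounts module.

```powershell
# Added example. 'SUTempAdmin' is a placeholder, not a name defined by IBM or SURunAs.
param(
    [string]$AccountName = 'SUTempAdmin',  # generic account created for SURunAs
    [switch]$Remove                        # report only unless -Remove is given
)

$user = Get-LocalUser -Name $AccountName -ErrorAction SilentlyContinue
if (-not $user) {
    # Desired end state after the rollout: the account no longer exists.
    [pscustomobject]@{ Computer = $env:COMPUTERNAME; Account = $AccountName; Present = $false }
    return
}
$sid = $user.SID.Value

# Well-known SID S-1-5-32-544 is the built-in Administrators group on any locale.
$adminsSid = [System.Security.Principal.SecurityIdentifier]'S-1-5-32-544'
try {
    $isAdmin = [bool](Get-LocalGroupMember -SID $adminsSid -ErrorAction Stop |
        Where-Object { $_.SID.Value -eq $sid })
} catch {
    $isAdmin = $null   # membership could not be enumerated; treat as unknown
}

# The on-disk profile outlives the account unless it is deleted separately.
$userProfile = Get-CimInstance -ClassName Win32_UserProfile -Filter "SID='$sid'"

[pscustomobject]@{
    Computer    = $env:COMPUTERNAME
    Account     = $AccountName
    Present     = $true
    Enabled     = $user.Enabled
    IsAdmin     = $isAdmin
    LastLogon   = $user.LastLogon     # a logon after the rollout window warrants review
    ProfilePath = $userProfile.LocalPath
}

if ($Remove) {
    # Delete the profile first (folder and registry entry), then the account itself.
    if ($userProfile) { $userProfile | Remove-CimInstance }
    Remove-LocalUser -InputObject $user
}
```

Run it without `-Remove` first to inventory workstations where the account is still present or still an administrator, then rerun with `-Remove` once the upgrades are confirmed.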