I'm trying to determine if there's a way for our users to run Web Inspect without being local administrators. I came across this discussion regarding it, but it's from 9+ years ago. I'd like to verify that it's still accurate please.
Cybersecurity
DevOps Cloud
IT Operations Cloud
I'm trying to determine if there's a way for our users to run Web Inspect without being local administrators. I came across this discussion regarding it, but it's from 9+ years ago. I'd like to verify that it's still accurate please.
Which version of WebInspect are you running? Part of the requirements for local administrator rights was the injection of our root certificate. We've changed this to the installation of the application instead of runtime. The other challenge is our storage of files in C:\Program Files\. You can modify the installation folder to provide access to help alleviate some of those challenges.
The information you found is mostly correct and we still recommend admin privileges; however, there are some customers that run without...with modifications.
Hey Ethan,
Thanks for your response. I've been tied up with other things, but have worked my way back to this one. We've got 23.2.0 installed. I'm going to start going through some modifications to see if I can get this working, but if you have specific information as to how you other clients have it set up to run without admin rights, I'd appreciate it if you could share that.
Other than the root certificate, permissions on the WebInspect directory under Program Files may need to be modified. Windows protects information under Program Files, but we store/modify some files/folders in that location that may need to be updated during runtime.
Yeah, I've given local\users full control of the Fortify folder in C:\Program Files, and it still doesn't like it. Only thing I've found that works is to turn off UAC, but we obviously don't to do that.