Bugtraq mailing list archives
RE: White paper: Exploiting the Win32 API.
From: "John Howie" <JHowie () securitytoolkit com>
Date: Wed, 7 Aug 2002 09:33:16 -0700
Chris, You misunderstand (I think). Interactive services are a *bad idea*. There is no need to have them. If you do have them they should not run under the context of LocalSystem. A good developer will not use them as there are alternatives. Microsoft does not recommend using interactive services. The Windows API has always allowed any window or user to send a message to any window on the same desktop. That is how Windows works. I do advocate Microsoft tightening this up but the problem still lies with bad developers. Regards, John -----Original Message----- From: Chris Calabrese [mailto:chris_calabrese () yahoo com] Sent: Wednesday, August 07, 2002 6:38 AM To: bugtraq () securityfocus com Cc: cloder () acm org; Chris Paget; Florian Weimer; John Howie Subject: Re: White paper: Exploiting the Win32 API. So let me get this straight. Allowing unpriveleged processes to send control messages to priveleged processes is not a flaw in the Win32 API because there is a mechanism for applications to protect themselves from this type of attack (alternate Windows Stations/Desktops). But the mechanism effectively prevents the priveleged processes from providing a GUI because the user won't be able to actually see the alternate Windows Stations/Desktops without some kind of Station switching tool, and/or extra training in how to do this. So, the result is that no applications actually use this mechanism. What part of "this is broken" doesn't make sense? __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com
Current thread:
- RE: White paper: Exploiting the Win32 API., (continued)
- RE: White paper: Exploiting the Win32 API. John Howie (Aug 06)
- Re: White paper: Exploiting the Win32 API. Chris Paget (Aug 06)
- Re: White paper: Exploiting the Win32 API. Florian Weimer (Aug 06)
- RE: White paper: Exploiting the Win32 API. Marc Maiffret (Aug 10)
- RE: White paper: Exploiting the Win32 API. John Howie (Aug 06)
- Re: White paper: Exploiting the Win32 API. Roland Kaufmann (Aug 07)
- Re: White paper: Exploiting the Win32 API. Adam Megacz (Aug 07)
- Re: White paper: Exploiting the Win32 API. Chris Calabrese (Aug 07)
- Re: White paper: Exploiting the Win32 API. slack3r (Aug 07)
- RE: White paper: Exploiting the Win32 API. Kenn Humborg (Aug 10)
- RE: White paper: Exploiting the Win32 API. John Howie (Aug 07)
- Re: White paper: Exploiting the Win32 API. Simos Xenitellis (Aug 09)
- RE: White paper: Exploiting the Win32 API. Rothe, Greg (G.A.) (Aug 28)
- RE: White paper: Exploiting the Win32 API. Drew (Aug 28)
- Re: White paper: Exploiting the Win32 API. Chris Paget (Aug 29)
- RE: White paper: Exploiting the Win32 API. Drew (Aug 28)
- RE: White paper: Exploiting the Win32 API. John Howie (Aug 06)