Bugtraq mailing list archives
Re: Tiny Personal Firewall
From: elfs <elfs () rs gov lv>
Date: Tue, 5 Mar 2002 14:13:10 +0200
It must be the responsibility of the OS to prevent console users interacting with applications when the desktop is locked. No user process should ever be able to bypass the lock mechanism.
If we take a look to WinAPI help for, i.e. MessageBox, we see, that it has a flag (WindowsNT only), called MB_SERVICE_NOTIFICATION: (..) The caller is a service notifying the user of an event. The function displays a message box on the current active desktop, even if there is no user logged on to the computer (..) So we can write a small test program: ---[ test.c ]--- #include <windows> void main() { Sleep(3000); // Pause, to give you time to lock // the computer MessageBox( NULL, // HWND, should be NULL "Who cares if we are locked?", // Messagebox text "Test", // Messagebox caption MB_OK | MB_SERVICE_NOTIFICATION // Flags ); } and this gives a chance for almost any appl to communicate with user on WinNT, even if the computer is locked. Just my 0.02 Ls - elfs, Latvia
Current thread:
- ... Tiny Personal Firewall ... Andrew Barkley (Feb 28)
- Re: ... Tiny Personal Firewall ... Maher Odeh (Mar 01)
- Re: ... Tiny Personal Firewall ... Scott Nursten (Mar 05)
- Re: ... Tiny Personal Firewall ... Dave Ahmad (Mar 04)
- Re: ... Tiny Personal Firewall ... Tom Geldner (Mar 05)
- Re: Tiny Personal Firewall elfs (Mar 05)
- Re: ... Tiny Personal Firewall ... J.Brown (Ender/Amigo) (Mar 06)
- Re: ... Tiny Personal Firewall ... Dave Ahmad (Mar 04)