Bugtraq mailing list archives

RE: Another Mac OS X ScreenSaver Security Issue (after Security Update 2003-07-14)


From: "CHRIS GRABENSTEIN" <LFGRABC () LF VCCS EDU>
Date: Thu, 31 Jul 2003 16:28:46 -0400

That's not really allowing another program to bind the keys.  In the case of
the Netware client, Microsoft's GINA is completely replaced by the NWGINA
which handles the authentication at that point.  It doesn't simply bypass
MS's GINA unless I'm incredibly misinformed.  A malicious user can certainly
write their own GINA, but I don't think that's on the same level as simply
remapping some keys.  I also don't believe you can have multiple GINAs in use
at once.

|-----Original Message-----
|From: Brian Eckman [mailto:eckman () umn edu] 
|Sent: Thursday, July 31, 2003 4:08 PM
|To: Gavin Hanover; bugtraq () securityfocus com
|Subject: Re: Another Mac OS X ScreenSaver Security Issue 
|(after Security Update 2003-07-14)
|
|
|Gavin Hanover wrote:
|> I don't quite agree. Windows uses control-alt-delete as a security
|> device. It binds those keys as a hotkey in such a way that no other
|> application can replace it.
<snip> 
|> Gavin
|
|
|Windows does allow others to bind to those hotkeys. The Novell client is
|a good example. The Novell NDS password can be used to unlock the screen
|saver, without requiring the Windows password to be entered. Obviously
|other programs could bypass the Windows authentication as well.
|
|Brian
|-- 
|Brian Eckman
|Security Analyst
|OIT Security and Assurance
|University of Minnesota
|612-626-7737
|
|"There are 10 types of people in this world. Those who
|understand binary and those who don't."
|
|

