RE: Windows Access Control Demystified

[surreal () delusory org]

> Not sure if anyone's really looked at this yet, but the "Windows
> Access Control Demystified" paper talks about a tool that was created
> to find complex privileges/ACL problems in Windows.  I've always
> suspected that the fine-grained nature of Windows' security mechanisms
> would result in difficult-to-find, easy-to-make vulnerabilities, and
> this paper helps to demonstrate the concept.
>
> http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
>
> What do others think?
>
> - Steve

I didn't make it very far yet but I have a strong opinion anyway. It's
fascinating work, but I was hit with a flashback of Fnord Syndrome*
early on and had to bail. F.S. occurs when someone displays cool new
technology, then hits you with "Oh, you can't have a copy, write your
own!". 

I made it past the point where the author stated that the tool is "too
dangerous to release".  When he suggested that people should use just
such a tool to mitigate risks, my urge to shout "blow me!" was foiled
by the lack of a responsible human to yell it at. My weakness.

Maybe I have a naughty ISP, but I can't seem to retrieve a copy from
home. I got it ok from work yesterday.

Surreal
* Blackhat 2001,  "Fnord: A Loadable Kernel Module for Defense and
Honeypots"