Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Question for the Windows pros

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 19 Jan 2006 15:03:21 -0000

Paul Schmehl wrote in news:81C38B0596641FE18D090A87 () utd59514 utdallas edu

  Oh, alright, just one more, then I'll leave it until I've finished my 
essay.


The spyware has to bring the credentials with it.  The user doesn't *have*
the credentials.  It *gets* them from the process in question.  That's a
bit different.  The user has the right to impersonate within the context
of a process.  The process must already have the credentials to elevate,
or the user gets nothing (if I'm understanding impersonation correctly.)


  You aren't, sorry!  This is in fact almost exactly back-to-front: the user 
*does* have credentials, and processes inherit their credentials from the 
user who launches the process.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: