Penetration Testing mailing list archives
Re: XPSP2 compatability
From: Michael Richardson <mcr () sandelman ottawa on ca>
Date: Tue, 24 Aug 2004 13:22:23 -0400
"Kevin" == Kevin Sheldrake <kev () electriccat co uk> writes:

Kevin> I've been toying with the idea of totally encrypting my fixed
Kevin> LAN with (not to topic)

Kevin> I've never really liked 'Run As' as a solution on Windows (although
Kevin> admittedly, most of my experience has been as an observer as
Kevin> opposed to an operator.) I still need to trust the people I
Kevin> give 'Run As' to, don't I, not to do anything daft? I'm
Kevin> guessing that you can't tie that ability down
Kevin> to a single component? Or can you?

I don't know.

What I do know is that Windows 2000+ has the concept of a setuid program, i.e. one that can be given permissions to run as a different user. The "Run As" menu item uses it to implement the equivalent of the "su" command --- the ability to escalate one's privileges, and then authenticate as another user. Previous to that, the only way to become another user was to start as a privileged process (i.e. from the "login" box).

I don't think that there is much that uses the setuid yet. It is useful to provide for privilege separation on Windows, but expect there to be bugs as well.

--
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr () xelerance com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [