on Sun, May 14 2006 4:01 am Erik Funkenbusch wrote:
> .. By default services are not interactive, and cannot interact with the desktop ..
You're describing imagionary "feetures" in the upcoming Vista. Does
anyone really believe assurances on security coming out of Redmond.
You were corrected on this in Dec 2002. Windows messaging is
fundemantally flawed in that it does no validation on messenges passed
between various windows including the so called hidden ones. See here
where he describes how to elevate privileges merely by copying binary
data to the clipboard.
http://security.tombom.co.uk/shatter.html
"the way MSWIN uses it is asking for disaster stability wise."
- Ilari Liusvaara
".. that's not a fundamental design issue, but rather an implementation
one." - Erik Funkenbusch
Are you intentionally trying to look ludicrous?
http://groups.google.co.uk/group/comp.os.linux.advocacy/msg/b906d2608d693dfe?hl=en&;
|
|
