Re: Privilege-escalation attacks on NT-based Windows are unfixable

From: Alun Jones (
Date: 08/22/02

From: (Alun Jones)
Date: Thu, 22 Aug 2002 17:15:14 GMT

In article <>, David Hopwood
<> wrote:
>That won't work if Admin has a window on the same desktop as JoeUser, because
>then there is no way for it to protect its private key.

Correct - this would suggest that the "RunAs" capability is a bad one to use
in practice.


[Please don't email posters, if a Usenet response is appropriate.]

Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place   | or email
Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for XP/2000/NT.