Re: Elevated Privileges
From: cquirke (MVP Win9x) (cquirkenews_at_nospam.mvps.org)
Date: 05/03/04
- Next message: Doolittle: "Sasser Infection"
- Previous message: Carey Frisch [MVP]: "Re: LSA Shell Export Version"
- In reply to: Jeff Smyrski: "Re: Elevated Privileges"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 03 May 2004 23:21:23 +0200
On Mon, 3 May 2004 08:44:34 -0400, "Jeff Smyrski"
>"cquirke (MVP Win9x)" <cquirkenews@nospam.mvps.org> wrote
>I tried un-registering the dll, and then moving the dll to a temp folder,
>and re-registering it with the regsvr32.
I hope that wasn't "temp" as in %Temp%?
>I also tried to search the registry to manually change the registration
>location and neither worked.
The only hope is that it writes to . (i.e. where it is) and that the
.DLL will work if stored elsewhere (my choice would be in the app's
dir). Temp files really should go in %Temp% and thus be properly
relocatable, separated by user profile (think XP's fast user switching
feature) and so on. The coders had a bad SOP, which now matters.
>It looks like the dll is hard coded to write to the system32 folder. The
>vender said it worked just fine on windows 2000 and NT, but apparently with
>tighter security on XP it no longer works.
Still a dof idea. You don't poo in the crucial part of the nest.
>I wish I could purge the software, the bad news is that this is a feature of
>the core software that you can not get rid of, meaning the core software.
Yep. Nasty, tho, and these dudes really should have fixed this by
now... I mean, *how* many years has XP been standard for? Sheesh!
>When you said malware implications...what do you mean there?
Dunno; you're top posting, so context not found yet. I'll clarify
when I get there, unless it's snipped.
>By the sounds of it, there was a security hole on W2K and NT4,
>in which this dll worked just fine, but since then, new security
>features and hotfixes of XP have blocked that...correct?
Maybe. Or more likely, MS got fed up with the number of problems
caused by apps pooing in the system's core, and decided to defend this
core accordingly. Not a bad idea, IMO.
>Thanks for the input...a MSFT post said give the users full control...if not
>then there is no work around to just let one dll run with elevated
>privileges.
OK. Bummer, but a common real-world outcome where the whole
limited-rights account thing goes.
>> On Thu, 29 Apr 2004 06:06:49 -0700, "Jeff Smyrski"
>> >Is there a way to allow a program / dll to always run
>> >with elevated privileges.
>> Consider the malware implications of a "yes", there...
Oh, I see. Well, basically if that were possible, any malware could
escalate it's own priviledges, making the whole concept rather a waste
of time. Which to some extent is true, as it is - there are several
holes through which malware can escape limited rights etc.
>-------------------- ----- ---- --- -- - - - -
"If I'd known it was harmless, I'd have
killed it myself" (PKD)
>-------------------- ----- ---- --- -- - - - -
- Next message: Doolittle: "Sasser Infection"
- Previous message: Carey Frisch [MVP]: "Re: LSA Shell Export Version"
- In reply to: Jeff Smyrski: "Re: Elevated Privileges"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
