Win32 API

utterly and irredeemably broken

     
7:07 pm on Aug 14, 2002 (gmt 0)

Moderator from GB 

WebmasterWorld Administrator mack is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:June 15, 2001
posts:7557
votes: 3

Xoc

7:42 pm on Aug 14, 2002 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 18, 2001
posts:1437
votes: 0


My understanding of this one is that it is an insignificant problem. It's based off the idea that Windows has always run off a global message queue and that applications can put things into or take things out of the queue. The result is that one program can hack another one running in the same context.

But that's a given on any operating system. It's the same effect that you get if you can run a malicious program as root on Linux: it can hack any other program on the system. The mechanism on how you would implement it is different between Windows and Linux, but the result is the same.

7:47 pm on Aug 14, 2002 (gmt 0)

Moderator from GB 

WebmasterWorld Administrator mack is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:June 15, 2001
posts:7557
votes: 3


So could the operating system be controlled remotely using a program installed on the infected computer that is accessed over the web, for instance? In a way I can understand how this would happen on almost any OS; it would just need to be ported for its intended environment. Does anyone know of any instances where this has actually happened?

8:30 am on Aug 15, 2002 (gmt 0)

Preferred Member

10+ Year Member

joined:Oct 4, 2000
posts:446
votes: 0


"The result is that one program can hack another one running in the same context" -- and the problem in Windows is most things run as the equivalent of root. A problem we had was as follows:

* An intern needed to remove an ActiveX download file from their computer
* IE had placed the ActiveX file in a system folder, even though the intern wasn't logged in as the administrator
* The intern didn't have the administrator password and had to ask for somebody else to remove it

On Linux my browser runs as josk. It can install things to wherever *I* can install things. The downside is that anything *I* own is at risk, but at least the system is safe...