[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Gates: 'You don't need perfect code' forgood security

To: "Frank Knobbe" <frank@knobbe.us>, <Valdis.Kletnieks@vt.edu>
Subject: Re: [Full-Disclosure] Gates: 'You don't need perfect code' forgood security
From: "Lan Guy" <rlanguy@hotmail.com>
Date: Mon, 3 Nov 2003 10:37:50 +0200

Frank

More to the point, not many people have gone through the MS OPK (OEM
Pre-Install Kit) to see exactly how "modified" one can make a windows build.

There is also a shortcut for the default Program Files directory (if it was
changed in Install) I can't find it right now.

And using TweakUI from the Windows XP Resource kit, there are uite a few
unique customisations one can do too.
http://www.microsoft.com/mspress/books/sampchap/6232.asp (and its continuing
page)
is 1 example of the info it contains. like being able to modify the location
of all the users "special folders"
however they still appear as virtual links like  %USERPROFILE%\My documents
.
You can also hide drives from the gui, but I have never had to do that yet.

Lan Guy

----- Original Message ----- 
From: "Frank Knobbe" <frank@knobbe.us>
To: <Valdis.Kletnieks@vt.edu>
Cc: <nick@virus-l.demon.co.uk>; "Full Disclosure"
<full-disclosure@lists.netsys.com>
Sent: Monday, November 03, 2003 6:50 AM
Subject: Re: [Full-Disclosure] Gates: 'You don't need perfect code' forgood
security

On Sun, 2003-11-02 at 21:09, Valdis.Kletnieks@vt.edu wrote:
> On Mon, 03 Nov 2003 12:23:06 +1300, Nick FitzGerald
<nick@virus-l.demon.co.uk>  said:
> > Finding the actual location of the startup folder was beyond the
> > exploit because it was running in an environment that could not query
> > the registry or other system APIs that would reveal the location.

Actually, I think it was beyond the knowledge of the exploit writer. :)

> And for bonus points, explain how you fix the scheme so the poor sysadmin
who
> has to run stuff at startup is able to find the folder, but an exploit
running
> with 'administrator' or 'system' can't find it?

Sure. %SYSTEMROOT%. %WINDIR%, or %USERPROFILE% should work just fine for
most cases of scripting and such.

Of course viruses and other malware can use the same environment vars. I
guess the writers of these annoyances didn't think that far.... lucky us
:)

Regards,
Frank

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security
  - From: Nick FitzGerald <nick@virus-l.demon.co.uk>
- Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security
  - From: Valdis.Kletnieks@vt.edu
- Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security
  - From: Frank Knobbe <frank@knobbe.us>

Prev by Date: Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security
Next by Date: [Full-Disclosure] [RHSA-2003:275-01] Updated CUPS packages fix denial of service
Previous by thread: Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security
Next by thread: Re: [Full-Disclosure] Gates: 'You don't need perfect code' for good security
Index(es):
- Date
- Thread