
Re: [Full-disclosure] Windows Access Control Demystified.
Interesting, very interesting. I'll take a look

regards,
Luciano
(new in the list)

2006/1/31, sudhakar+fulldisclosure@xxxxxxxxxxxxxxxx <
sudhakar+fulldisclosure@xxxxxxxxxxxxxxxx>:
>
>
> Hello everybody,
>
> We have constructed a logical model of Windows XP access control, in a
> declarative but executable (Datalog) format.  We have built a scanner
> that reads access-control configuration information from the Windows
> registry, file system, and service control manager database, and feeds
> raw configuration data to the model.  Therefore we can reason about
> such things as the existence of privilege-escalation attacks, and
> indeed we have found several user-to-administrator vulnerabilities
> caused by misconfigurations of the access-control lists of commercial
> software from several major vendors.  We propose tools such as ours as
> a vehicle for software developers and system administrators to model
> and debug the complex interactions of access control on installations
> under Windows.
>
>
> The full version of the paper can be found at:
>
> http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf
>
>
> All the vendors and CERT are aware of this paper. The bugs are *not*
> remotely exploitable. The CERT id is VU#953860.
>
>
> regards,
> Sudhakar Govindavajhala and Andrew Appel.
>
> Bio:
>
> Sudhakar Govindavajhala is a finishing PhD student in the Computer Science
> Department, Princeton University. His interests are computer security,
> operating systems and networks. Sudhakar is looking for employment
> opportunities.
>
>
> Andrew Appel is a Professor of Computer Science at Princeton University.
> He is currently on sabbatical at INRIA Rocquencourt. His interests are
> computer security, compilers, programming languages, type theory, and
> functional programming.
>
> Sudhakar Govindavajhala                   Department of Computer Science
> Graduate Student,                         Princeton University
> Ph : +1 609 258 1763
>                 http://www.cs.princeton.edu/~sudhakar
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
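The quoted announcement describes feeding ACL facts from the registry, file system and service control manager into a declarative Datalog model and then asking whether a user-to-administrator path exists. As an added illustration (not the authors' scanner, their model, or any code from the paper), the Python below implements a small bottom-up Datalog-style evaluator over constructed, hypothetical facts: group memberships, write ACEs on files, which image each service runs and as which account. The rules derive which principals can modify a service image, and a query reports members of Users who can alter an image that runs as an admin-equivalent account, which is exactly the kind of ACL misconfiguration an administrator would want flagged for tightening. All account names, service names and paths are made up.

```python
"""
Added illustration (not the authors' scanner nor their Datalog model): a small
bottom-up Datalog-style evaluator over constructed access-control facts,
showing how declarative rules derive a user-to-administrator path caused by an
over-permissive ACL on a service image.  Names and paths are hypothetical.
"""
from collections import defaultdict


def naive_fixpoint(db, rules):
    """Bottom-up evaluation: re-apply every rule until no relation grows.

    `db` maps a relation name to a set of tuples; each rule is a pair
    (target relation, function(db) -> set of tuples it derives).
    """
    changed = True
    while changed:
        changed = False
        for rel, rule in rules:
            new = rule(db) - db[rel]
            if new:
                db[rel] |= new
                changed = True
    return db


# One Datalog clause per rule (the clause is shown in the comment).
RULES = [
    # member_star(P, G) :- member(P, G).
    ("member_star", lambda db: set(db["member"])),
    # member_star(P, G) :- member_star(P, X), member(X, G).
    ("member_star", lambda db: {(p, g) for (p, x) in db["member_star"]
                                for (y, g) in db["member"] if x == y}),
    # dominates_star(A, B) :- dominates(A, B).
    ("dominates_star", lambda db: set(db["dominates"])),
    # dominates_star(A, C) :- dominates_star(A, B), dominates(B, C).
    ("dominates_star", lambda db: {(a, c) for (a, b) in db["dominates_star"]
                                   for (b2, c) in db["dominates"] if b == b2}),
    # can_write(T, O) :- write_ace(T, O).
    ("can_write", lambda db: set(db["write_ace"])),
    # can_write(P, O) :- member_star(P, T), write_ace(T, O).
    ("can_write", lambda db: {(p, o) for (p, t) in db["member_star"]
                              for (t2, o) in db["write_ace"] if t == t2}),
    # controls_service(P, S, Img, Q) :- can_write(P, Img), service(S, Img, Q).
    ("controls_service", lambda db: {(p, s, img, q) for (p, o) in db["can_write"]
                                     for (s, img, q) in db["service"] if o == img}),
]


def build_db(member, write_ace, service, dominates):
    """Load base facts and compute every derived relation."""
    db = defaultdict(set)
    db["member"] = set(member)
    db["write_ace"] = set(write_ace)
    db["service"] = set(service)
    db["dominates"] = set(dominates)
    return naive_fixpoint(db, RULES)


def find_escalations(db, low_group="Users", admin_group="Administrators"):
    """Members of `low_group` (not already admins) who can modify the image of
    a service that runs as an admin-equivalent account.  Returns sorted
    (principal, service, image, runs_as) tuples for remediation."""
    admin_equiv = {admin_group} | {a for (a, b) in db["dominates_star"] if b == admin_group}
    return sorted(
        (p, s, img, q)
        for (p, s, img, q) in db["controls_service"]
        if (p, low_group) in db["member_star"]
        and (p, admin_group) not in db["member_star"]
        and q in admin_equiv
    )


# Constructed sample facts (hypothetical; a real scanner would read them from
# file-system ACLs and the service control manager database).
MEMBER = {("alice", "Users"), ("bob", "Administrators"),
          ("Users", "Everyone"), ("Administrators", "Everyone")}
WRITE_ACE = {("Everyone", r"C:\Program Files\ExampleSvc\svc.exe"),      # over-permissive
             ("Administrators", r"C:\Windows\System32\securesvc.exe")}  # fine
SERVICE = {("ExampleSvc", r"C:\Program Files\ExampleSvc\svc.exe", "LocalSystem"),
           ("SecureSvc", r"C:\Windows\System32\securesvc.exe", "LocalSystem")}
DOMINATES = {("LocalSystem", "Administrators")}   # LocalSystem is at least Administrators


def sample_findings():
    """Run the model over the constructed facts and return the findings."""
    return find_escalations(build_db(MEMBER, WRITE_ACE, SERVICE, DOMINATES))


if __name__ == "__main__":
    for p, s, img, q in sample_findings():
        print(f"{p} can modify {img} (service {s} runs as {q}): tighten the ACL")
```

Only the Everyone-writable image is reported; SecureSvc, writable by Administrators alone, produces no finding. Swapping the constructed facts for ones read from a real host is what turns this toy into a configuration audit, and adding more rules (registry keys that name service images, ACEs on the service objects themselves) is how the model grows without touching the evaluator.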