At 06:19 PM 9/25/98 +0200, Gigi Mori wrote:
>The bug resides in TCPIP.SYS InternalIoControl dispatch routine where lacks a check on current IRQ level before processing the query information request.

I think you mean IRQL, which is a little different. At any rate, this one isn't too surprising - any time you start dealing directly with drivers, you're dealing with performance-oriented, trusted code. It is likely that all of the other code that calls into this sets the IRQL before going in. The trade-off to fix all of this is that, of course, to add checks all over the place for IRQL level, etc will incur a performance penalty.

There are some interesting security implications in terms of who can do what to device drivers - see http://www.sysinternals.com/devsec.htm for a good article on this. An excerpt:

"The vast majority of device objects created have the following permissions: Everyone:Read/Write (R/W) (the Everyone built-in Security Identifier - SID - is also known as the World SID), System:Full Access, and Administrator:Full Access."

IMHO, it would be really nice to have documented APIs implemented in user mode for all of the command line apps - for example, nbtstat would be nice to be able to call from inside an app. Obviously what you're doing here is trying to do the same thing as netstat from inside an app.

David LeBlanc
dleblancat_private