On Wed, 3 Feb 1999, Bronislaw Kozicki wrote: > 2) super-privileged GINA that can be any DLL you put in registry. User > (or hacker) can make own GINA and try to register it (a) writing to > registry or (b) replacing file MSGINA.DDL. By default ordinary user > cannot do that, but ... It's worth noting that a sample GINA which makes calls down to the Microsoft GINA is available as source on the platform SDK in MSDN. (I just recently wrote a GINA to do a custom touch-screen based authentication) The key where the GINA is registered is secured, but if MSGINA.DLL is living on a FAT partition, it would be trivial to replace it w/ another GINA which calls back to MSGINA (albeit renamed, of course). Off the top of my head, I cannot tell you the default NTFS permission on MSGINA.DLL, but my _HOPE_ would be that it is set securely (I'll have to check when I get back to an NT box). Indeed, a GINA which collects passwords would be fairly trivial to implement-- calling back down to Microsoft's MSGINA w/ stub functions. GINA is also a neat place to implement things like "logoff scripts" and disallowing the use of "locked" screensavers, too. __ __ __ / /-//-/ The Attitude Adjuster http://www.bright.net/~catsuit ...so terribly unfashionable media productions...
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:29 PDT