Re: Win32 File Naming (again)

From: Kenn Humborg (kennat_private)
Date: Tue Aug 17 1999 - 10:40:25 PDT

Next message: Jochen Bauer: "XDM Insecurity revisited"

Previous message: Elias Levy: "Administrivia"
Maybe in reply to: x-empt [ lvhc / lou ]: "Win32 File Naming (again)"
Next in thread: David LeBlanc: "Re: Win32 File Naming (again)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> >While testing IIS security, I was able to locate an old flaw which is
> >still present in  many server services on  Win32.  The  problem deals
> >with a compatibility issue with the old  Win16/DOS file naming system
> >known as the 8.3 naming system.
>
> One well-known workaround for this issue that will take care of this
> problem, regardless of the server software, is to disable 8.3 filenames.

Does this break the GetShortPathName function?  This converts
long file names in the 8.3 equivalent.

The catch is that Microsoft recommend using the 8.3 name when
registering COM servers (due to a bug in CreateProcess when there
is a space in the server's directory path or file name).  So you may
not be able to register any COM servers on this partition (which may
not be a bad thing... :-)

Kenn

Next message: Jochen Bauer: "XDM Insecurity revisited"
Previous message: Elias Levy: "Administrivia"
Maybe in reply to: x-empt [ lvhc / lou ]: "Win32 File Naming (again)"
Next in thread: David LeBlanc: "Re: Win32 File Naming (again)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:53 PDT