RE: long filename issue in Win9x

From: Rubio Xavier (xavier.rubio@colt-telecom.es)
Date: Wed Jul 18 2001 - 22:02:21 PDT


    > -----Original Message-----
    > From:	Jesper M. Johansson [SMTP:jjohanssat_private]
    > Sent:	Wednesday, July 18, 2001 18:09
    > To:	'R v. Dijk'; bugtraqat_private
    > Subject:	RE: long filename issue in Win9x
    > 
    > >make a 'PROGRAM.EXE' executable in your C:\, and reboot windows. 99% chance
    > >it will start up something like this
    > >"C:\PROGRAM files\Internet Explorer\blah blah /systray"
    > 
    > >Now PROGRAM will be invoked, with the rest as a parameter list. This caused
    > >me a headache, because I didn't know where to start
    > 
    > This does not have anything to do with long filenames, but rather the
    > problem that many developers do not properly quote paths when they put
    > them in the <hive>\Software\Microsoft\Windows\CurrentVersion\Run key. If
    > you have an entry like this, with quotes:
    > 
    > 
    > "C:\Program Files\ResponsibleDevIsUs\someBinary.exe"
    > 
    This is also due to Windows allowing the two forms, and trying multiple
    filenames when there aren't quotes: it will try C:\Program.EXE, then
    C:\Program Files\IrresponsibleProgrammingCorp\someBinary.exe.
    
    > In that key, then everything is copasetic. However, if the entry looks
    > like this, without quotes:
    > 
    > C:\Program Files\IrresponsibleProgrammingCorp\someBinary.exe
    > 
    > Then the system will interpret this string as two strings: "C:\Program"
    > and "Files\IrresponsibleProgrammingCorp\someBinary.exe". The first will
    > match your rogue executable, and the other will simply fail, and you
    > might get an error message.
    > 
    > Note that (1) there are more locations than the one I listed above where
    > this can happen, and (2) if you are concerned about users putting rogue
    > executables into your %systemdrive% (which you should be) you should ACL
    > that directory so that they cannot do so.
    > 
    > Jesper M. Johansson
    
    
    



    This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 09:22:37 PDT
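
An audit sketch for the unquoted Run-key entries discussed in this thread, added here as an example and not part of the original messages. It models the try-each-space-boundary behaviour the thread describes; the sample values are constructed, and the rules that `.exe` is appended to an extensionless prefix and that the intended binary ends in `.exe`, `.com` or `.bat` are assumptions of this sketch.

```python
import re

EXE_EXT = re.compile(r"\.(exe|com|bat)$", re.IGNORECASE)

# Constructed Run-key values for illustration (paths follow the thread's examples).
SAMPLE_RUN_VALUES = {
    "Responsible": r'"C:\Program Files\ResponsibleDevIsUs\someBinary.exe"',
    "Irresponsible": r"C:\Program Files\IrresponsibleProgrammingCorp\someBinary.exe",
    "WithArgs": r"C:\Program Files\Internet Explorer\blah.exe /systray",
    "NoSpaces": r"C:\WINDOWS\taskmon.exe /auto",
}


def split_unquoted(value):
    """Split an unquoted value into (paths tried first, intended path, args)."""
    tokens = value.strip().split(" ")
    earlier = []
    for i in range(1, len(tokens) + 1):
        prefix = " ".join(tokens[:i])
        if EXE_EXT.search(prefix):
            # Reached the intended binary; everything after it is arguments.
            return earlier, prefix, " ".join(tokens[i:])
        if tokens[i - 1]:  # ignore empty tokens from repeated spaces
            last = prefix.rsplit("\\", 1)[-1]
            earlier.append(prefix if "." in last else prefix + ".exe")
    # No executable extension found: treat the whole string as the path.
    return earlier[:-1], value.strip(), ""


def audit(run_values):
    """Map each ambiguous entry to (paths tried first, quoted replacement)."""
    findings = {}
    for name, value in run_values.items():
        if value.lstrip().startswith('"'):
            continue  # quoted: only one executable can match
        earlier, exe, args = split_unquoted(value)
        if earlier:
            findings[name] = (earlier, f'"{exe}" {args}'.rstrip())
    return findings


if __name__ == "__main__":
    for name, (earlier, fix) in audit(SAMPLE_RUN_VALUES).items():
        print(f"{name}: tried first {earlier}; quote as {fix}")
```

On a real system the dictionary would be filled from the Run key and the other autostart locations the thread mentions; each reported path is also a file whose unexpected presence in `%systemdrive%` is worth checking.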