[PEN-TEST] POSIX Subsystem on NT

From: paul miles (mafit25at_private)
Date: Mon Apr 16 2001 - 21:25:59 PDT

  • Next message: Parity: "Re: [PEN-TEST] POSIX Subsystem on NT"

    Hello All
    
    I've got a question about the POSIX subsystem on NT.
    
    It is recommended that the POSIX subsystem is removed from NT and 2000  for
    security reasons.  My question is why?
    
    Is it simply following the principle "if you don't need it remove it"?
    
    Does the POSIX subsystem access resources (disk, etc) directly or does it
    sit on top of WIN32 and just provide a standard interface for POSIX
    compliant software?
    
    What I am really getting at is, can you bypass NT access control by calling
    the POSIX API to access files and the registry?
    
    Unlikely I know but I have not been able to find anyone who can give me a
    definitive answer.
    
    Does anyone know of any legitimate vulnerabilities in the NT POSIX or OS2
    subsystem?
    
    Any comments would be greatly appreciated.
    
    m
    
    
    _________________________________________________________________________
    Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
    



    This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 21:43:33 PDT