Re: Why MS namedpipe work this way

From: 3APA3A (3APA3Aat_private)
Date: Mon Dec 10 2001 - 22:51:08 PST

Next message: Nicolas Gregoire: "Fwd: re: Are NULL pointer deref a security problem ?"

Previous message: Robert van der Meulen: "Re: Possible OpenSSH DoS Attack"
In reply to: Minchu Mo: "Why MS namedpipe work this way"
Next in thread: Ryan Permeh: "Re: Why MS namedpipe work this way"
Reply: Ryan Permeh: "Re: Why MS namedpipe work this way"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Minchu,


--Monday, December 10, 2001, 2:56:05 PM, you wrote to vuln-devat_private:




MM> Would it be better to have this function 
MM> ImpersonateNamedPipeClient() work only in case 
MM> when namedpipe server have higher privilidge than 
MM> client.

Under  *nix  there  is  superuser  with  uid 0 and ordinary users. Under
Windows  there is no things like that. There is a set of permissions and
group  memberships  each user can be given. It's impossible to compare 2
abstract users who has "higher" privileges.



-- 
~/ZARAZA
Машина оказалась способной к единственному действию,
а именно умножению 2x2, да и то при этом ошибаясь. (Лем)

Next message: Nicolas Gregoire: "Fwd: re: Are NULL pointer deref a security problem ?"
Previous message: Robert van der Meulen: "Re: Possible OpenSSH DoS Attack"
In reply to: Minchu Mo: "Why MS namedpipe work this way"
Next in thread: Ryan Permeh: "Re: Why MS namedpipe work this way"
Reply: Ryan Permeh: "Re: Why MS namedpipe work this way"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Dec 11 2001 - 09:35:39 PST