|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Chris Calabrese (chris_calabrese_at_yahoo.com)
Date: Wed Aug 07 2002 - 08:38:13 CDT
So let me get this straight.
Allowing unpriveleged processes to send control messages to priveleged
processes is not a flaw in the Win32 API because there is a mechanism
for applications to protect themselves from this type of attack
(alternate Windows Stations/Desktops).
But the mechanism effectively prevents the priveleged processes from
providing a GUI because the user won't be able to actually see the
alternate Windows Stations/Desktops without some kind of Station
switching tool, and/or extra training in how to do this.
So, the result is that no applications actually use this mechanism.
What part of "this is broken" doesn't make sense?
__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]