<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Guillaume SH</b> <span dir="ltr"><<a href="mailto:gsh.debianlists@gmail.com">gsh.debianlists@gmail.com</a>></span><br>
Date: 2009/2/1<br>Subject: Re: A basic implementation for increased security in wine proposal<br>To: Marcus Meissner <<a href="mailto:marcus@jet.franken.de">marcus@jet.franken.de</a>><br><br><br>Hi Marcus,<br><br>I stand corrected, as it appears I was way too naive in my understanding of software security, hence the example I provided.<br>
<br>Regarding you explanation justifying there is no need to protect API against misuse, I am still not convinced, but I will think about it and try to get to a thorough understanding.<br>
<br>Thank you for clarifying,<br>Guillaume<br><br><div class="gmail_quote"><div class="Ih2E3d">2009/2/1 Marcus Meissner <span dir="ltr"><<a href="mailto:marcus@jet.franken.de" target="_blank">marcus@jet.franken.de</a>></span><br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>On Sun, Feb 01, 2009 at 10:41:25AM +0100, Guillaume SH wrote:<div><div></div><div class="Wj3C7c"><br>
> Hi Paul,<br>
><br>
> You asked me to actually describe the security I am concerned about, so I am<br>
> going for it :<br>
><br>
> Imagine an ill-intentioned people, call it the attackers. By the mean of<br>
> simply creating the following C application (based on classical "Hello<br>
> word") :<br>
><br>
><br>
> #include needed header<br>
><br>
> int main (int argc, char * argv[])<br>
> {<br>
> /* printf ( "Hello world!" ); */<br>
> GetOverlappedResult(0, NULL, NULL, FALSE);<br>
><br>
> return EXIT_SUCCESS;<br>
> }<br>
><br>
><br>
> Running this application on wine, I get to have my crash, with the<br>
> possibility of an exploit. So all I have to do know is to find a vector to<br>
> make you and some other people willing to run my application.<br>
><br>
> I won't describe in detail the way to perform the exploit as :<br>
> 1 - I don't know how to proceed and I don't want to<br>
> 2 - It would be showing poor sense of responsibilities<br>
<br>
</div></div></div><div><div></div><div class="Wj3C7c">If you can run an application ... it already can do everything!<br>
<br>
No need to protect APIs against misuse, they run at the same privilege<br>
level as your code.<br>
<br>
Ciao, Marcus<br>
</div></div></blockquote></div><br>
</div><br>