[PATCH 3/3] server: Check object's security when creating handles.

Vitaliy Margolen wine-patches at kievinfo.com
Tue Feb 20 07:46:01 CST 2007


Robert Shearman wrote:
> Vitaliy Margolen wrote:
>> After checking object's SD against token we fail some tests.
>> What it seems to me is that someone tried to "optimize" this part in
>> Windows and instead created a security problem.
> 
> If you already have a valid handle to the object, then it isn't really a
> security problem to have another one with the same access rights.

Actually that's a pseudo-handle from GetCurrentProcess(), which can be
duplicated into, say, a global handle with maximum access. So when an app
creates a process and sets any access restrictions on it, it's all
useless for the process itself - as it can always gain 100% access to
itself, and give that 100% access to anyone who wants.

Vitaliy.


