[ros-kernel] User Security
barubary at cox.net
Sun Sep 12 23:23:11 CEST 2004
There is an existing Win32 call, SetUserObjectSecurity, that can be used for
making windows of different privilege levels from messing with each other.
As far as I know, SetUserObjectSecurity can't actually be used to secure
windows in Windows, only desktops and window stations. However, that
doesn't prevent ReactOS from using it with windows. This function could be
used to protect windows from each other.
For compatibility reasons, I think it should be possible to get a list of
all top-level windows and query for each one's caption, no matter the
privilege level. Knowing that "Task Manager" is running is not too useful
to a hacker. But obviously, sending messages to other windows (including
faking keyboard/mouse input), querying child windows, and hooking should be
blocked in these situations.
More information about the Ros-kernel