[ros-kernel] User Security
Alex Ionescu
ionucu at videotron.ca
Mon Sep 13 07:57:38 CEST 2004
Actually, this is already implemented in Windows 2000+ thanks to Job
Objects. The hWnds of processes outisde the Job Object don't even
"exist" from inside it, so you won't even know a window is here.
Best regards,
Alex Ionescu
Barubary wrote:
>There is an existing Win32 call, SetUserObjectSecurity, that can be used for
>making windows of different privilege levels from messing with each other.
>As far as I know, SetUserObjectSecurity can't actually be used to secure
>windows in Windows, only desktops and window stations. However, that
>doesn't prevent ReactOS from using it with windows. This function could be
>used to protect windows from each other.
>
>For compatibility reasons, I think it should be possible to get a list of
>all top-level windows and query for each one's caption, no matter the
>privilege level. Knowing that "Task Manager" is running is not too useful
>to a hacker. But obviously, sending messages to other windows (including
>faking keyboard/mouse input), querying child windows, and hooking should be
>blocked in these situations.
>
>Melissa
>
>_______________________________________________
>Ros-kernel mailing list
>Ros-kernel at reactos.com
>http://reactos.com/mailman/listinfo/ros-kernel
>
>
>
More information about the Ros-kernel
mailing list