Bugtraq mailing list archives

Re: COM and Windows 2000

From: thomasz () HOSTMASTER ORG (thomasz () HOSTMASTER ORG)
Date: Sun, 12 Sep 1999 17:32:17 +0200

I haven't tested this yet on Server but I'd imagine this would go for the
likes of Backup and Server Operators.
I've written (well I wrote 1/10th and the MFC wizard did the rest ;-) an MFC
app that will edit the registry (changing MSIServer to Spooler), call

Everyone having the "Restore Files Permission" can undermine system security because he can not only replace any system 
file disregarding permissions but also replace permissions on any file.
Therefore Microsoft recommends granting this privilege only to trusted individues.
We'd better face the fact that Windows hasn't been designed to be a secure system and will therefore never be.

Thommy

Growing old is mandatory... growing up is optional.
-------------------------------------------------
  T h o m a s   Z e h e t b a u e r   ( TZ251 )
  PGP encrypted mail preferred - KeyID 96FFCB89
       mail pgp-key-request () hostmaster org
-------------------------------------------------

<!-- attachment="bin0a19100" -->
<HR>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>

Current thread:

Re: fixing all buffer overflows --- random magin numbers, (continued)
- - - Re: fixing all buffer overflows --- random magin numbers Eric Hutchinson (Sep 12)
    - Re: fixing all buffer overflows --- random magin numbers Daniel W. Dulitz x108 (Sep 13)
    - Enterprise Overflow Daniel Kerr (Sep 11)
    - Re: gftp - ms ftp debug mode Valentin (Sep 12)
    - Re: gftp - ms ftp debug mode Max Vision (Sep 12)
    - Linux 2.2.12 mini-audit Solar Designer (Sep 13)
    - Vulnerability in dtaction Job de Haas (Sep 13)
    - Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug UNYUN (Sep 12)
    - Accept overflow on Netscape Enterprise Server 3.6 SP2 Nobuo Miwa (Sep 12)
  - COM and Windows 2000 Mnemonix (Sep 05)
    - Re: COM and Windows 2000 thomasz () HOSTMASTER ORG (Sep 12)