Security Holes That Run Deep

Security Holes That Run Deep
Mark Burnett, 2004-12-20

How a seemingly simply Microsoft bug betrayed its author's disdain for a wide range of secure coding principles.

Security Holes That Run Deep 2004-12-20
Anonymous (2 replies)

Security Holes That Run Deep 2004-12-22
michaels (1 replies)

Security Holes That Run Deep 2004-12-23
Anonymous

Security Holes That Run Deep 2004-12-26
Anonymous

How can an application "bypass NTFS permissions?"

Simple! Use a Linux machine to acccess a file share using SMB. No matter what user account is used to validate the loggin the linux machine gets the NTFS permission set to the user account "System", which grants better access to files than any administrator account. Ever set the NTFS permissions to block System and see what happens?

NTFS is a joke!

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/285/29679#29679

Nothing new from MS here... 2004-12-21
Anonymous

Security Holes That Run Deep 2004-12-21
bazzargh

Failing Open vs. Closed 2004-12-22
Andy S.

Security Holes That Run Deep 2004-12-23
Anonymous

Security Holes That Run Deep 2004-12-29
Anonymous-Philippines (1 replies)

Re: Security Holes That Run Deep 2009-06-10
Anonymous - US