From: "Brian Eckman" <eckman (at) umn (dot) edu [email concealed]>

> > If someone were to find a way to bind to those hotkeys, would you
> > then consider this a security issue with Windows? If so, how is
> > Apple's failure to block kill calls to the screen saver not a
> > security issue?
> >
> > Gavin
>
>
> Windows does allow others to bind to those hotkeys. The Novell client
is
> a good example. The Novell NDS password can be used to unlock the
screen
> saver, without requiring the Windows password to be entered. Obviously
> other programs could bypass the Windows authentication as well.
>

It's been a few years and things may have changed, but in the past
Novell accomplished this by replacing the standard msgina.dll with one
of their own making. Microsoft provides information on how to do this
sort of thing:

http://support.microsoft.com/default.aspx?scid=kb;en-us;810756

FWIW, there is even a GNU replacement (well, for NT, anyway):

http://wwwthep.physik.uni-mainz.de/~frink/newgina_pre09/readme.html

It seems to me, though, that if the admin replaces Microsoft's GINA, he
can't complain about how (or whether) the replacement traps
Ctrl+Alt+Del. I don't think (though I may be mistaken) that there's a
way to trap those hotkeys when Microsoft's msgina.dll is in place and
working properly.

Regards,

Fred Noltie

[ reply ]