>From: "Alun Jones" <alun (at) texis (dot) com [email concealed]>
>Umm... yes. And?
>
>May I quote from the Windows 2000 Server Resource Kit?
>
>"Debug programs
>"(SeDebugPrivilege)
>"Allows the user to attach a debugger to any process. This privilege
>provides access to sensitive and critical operating system components.
>By default, this privilege is assigned to Administrators."
Where in that quote does it say that NtSystemDebugControl() doesn't check
user pointers, and allows you direct hardware access? This advisory is about
2 pointer bugs in NtSystemDebugControl() and what you can do with the help
of NtSystemDebugControl().
>The user is also capable of injecting code into other processes of any
>kind,
>so could install a device driver whether or not he was an administrator.
Yes, I'm well aware of that. But that's old news.
_________________________________________________________________
Store more e-mails with MSN Hotmail Extra Storage ? 4 plans to choose from!
http://click.atdmt.com/AVE/go/onm00200362ave/direct/01/
>Umm... yes. And?
>
>May I quote from the Windows 2000 Server Resource Kit?
>
>"Debug programs
>"(SeDebugPrivilege)
>"Allows the user to attach a debugger to any process. This privilege
>provides access to sensitive and critical operating system components.
>By default, this privilege is assigned to Administrators."
Where in that quote does it say that NtSystemDebugControl() doesn't check
user pointers, and allows you direct hardware access? This advisory is about
2 pointer bugs in NtSystemDebugControl() and what you can do with the help
of NtSystemDebugControl().
>The user is also capable of injecting code into other processes of any
>kind,
>so could install a device driver whether or not he was an administrator.
Yes, I'm well aware of that. But that's old news.
_________________________________________________________________
Store more e-mails with MSN Hotmail Extra Storage ? 4 plans to choose from!
http://click.atdmt.com/AVE/go/onm00200362ave/direct/01/
[ reply ]