Root forever guaranteed in Windows?

The Beatles
Fear me for I am root
Posts: 6285
Joined: Tue May 24, 2005 8:12 pm

Post by The Beatles »

http://www.biznix.org/articles/shatterattack.html
http://en.wikipedia.org/wiki/Shatter_attack

Basically once you are on a Windows system, whether by compromise of a server (such as SQL server or IIS) or application (such as IE or Office), you then automatically "root" i.e. completely control the computer. This is in contrast to the UNIX-style separation of users philosophy. Apparently this is unfixed in Vista as well. Very interesting.

Bottom line: if you run servers, keep all your processes on different Windows computers, or use UNIX. Not a worry for the average user, they usually run as root anyway.

I never heard about this until today, but it seems to be quite true. Hum, go figure. The really worrying thing, though, is that Microsoft doesn't consider this a design error, and have said they will never address it.

http://web.archive.org/web/20040217090908/http://www.microsoft.com/technet/security/news/htshat.asp
This link downplays the effect, but consider that DDE runs with high privileges and has not been removed from Vista (for compatibility). If that is ever removed, the issue will be fixed. Not in Vista, though.

Well, in all fairness, we won't know until Vista is released.
:wq
bjornredtail
Warbands Admin
Posts: 821
Joined: Tue Apr 20, 2004 12:07 am

Post by bjornredtail »

Errr... So what? If something allows an application to become compromised in a server environment, you're already in trouble security-wise. If not, there is no way this exploit can be used. Sure it would be nice to have them UNIX-style "watertight compartments", but given how ineffective the Redmonites are at developing... well just about anything, I can see why this isn't a priority for the folks at Microsoft to fix.

I suppose we can see a fix after WinFS or Duke Nukem Forever is released, whichever comes first :).
0===)=B=j=o=r=n==R=e=d=t=a=i=l==>
Warbands Admin

"Program testing can be used to show the presence of bugs, but never to show their absence!"-Edsger W. Dijkstra
The Beatles
Fear me for I am root
Posts: 6285
Joined: Tue May 24, 2005 8:12 pm

Post by The Beatles »

The reason that it would be nice to have becomes clear when you consider that most if not all mercenary cracking takes place by first finding a vulnerable service (the weakest link), taking over it and rooting the server. This just makes the crackers' job much easier.

But yes, you're quite right that we won't be seeing the watertight compartments for quite a while.
:wq