Chris, You misunderstand (I think). Interactive services are a *bad idea*. There is no need to have them. If you do have them they should not run under the context of LocalSystem. A good developer will not use them as there are alternatives. Microsoft does not recommend using interactive services. The Windows API has always allowed any window or user to send a message to any window on the same desktop. That is how Windows works. I do advocate Microsoft tightening this up but the problem still lies with bad developers. Regards, John -----Original Message----- From: Chris Calabrese [mailto:chris_calabrese@yahoo.com] Sent: Wednesday, August 07, 2002 6:38 AM To: bugtraq@securityfocus.com Cc: cloder@acm.org; Chris Paget; Florian Weimer; John Howie Subject: Re: White paper: Exploiting the Win32 API. So let me get this straight. Allowing unpriveleged processes to send control messages to priveleged processes is not a flaw in the Win32 API because there is a mechanism for applications to protect themselves from this type of attack (alternate Windows Stations/Desktops). But the mechanism effectively prevents the priveleged processes from providing a GUI because the user won't be able to actually see the alternate Windows Stations/Desktops without some kind of Station switching tool, and/or extra training in how to do this. So, the result is that no applications actually use this mechanism. What part of "this is broken" doesn't make sense? __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com
