bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secure_getenv + windows


From: Bruno Haible
Subject: Re: secure_getenv + windows
Date: Sun, 29 May 2016 23:49:41 +0200
User-agent: KMail/4.8.5 (Linux/3.8.0-44-generic; KDE/4.8.5; x86_64; ; )

Paul,

> Thanks, that all looks good to me.

OK, I've pushed it.

> I don't know the distinction between runas and runas /env

[1] explains it. I don't think there is a security pitfall here: The
responsibility is with the user who runs a 'runas' command or installs
a scripts that runs 'runas'.

> I was concerned that simply using getenv would introduce security problems.
> Bruno's patch contains a comment 
> containing the sort of explanation I was looking for.

More details:
The security problems are mitigated by the fact that the OS asks the user
before running a program with elevated privileges - even in the case where
the executable is configured to always run with elevated privileges [2].
In native Windows, a program cannot run code with elevated privileges
without the user being aware of it. There is the "task scheduler trick" [3]
but it too requires action by an administrator.

Bruno

[1] http://ss64.com/nt/runas.html
[2] 
http://superuser.com/questions/604927/how-do-i-configure-my-application-to-run-as-administrator-automatically
[3] 
http://www.howtogeek.com/howto/windows-vista/create-administrator-mode-shortcuts-without-uac-prompts-in-windows-vista/




reply via email to

[Prev in Thread] Current Thread [Next in Thread]