[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secure_getenv + windows

From: Bruno Haible
Subject: Re: secure_getenv + windows
Date: Sun, 29 May 2016 23:49:41 +0200
User-agent: KMail/4.8.5 (Linux/3.8.0-44-generic; KDE/4.8.5; x86_64; ; )


> Thanks, that all looks good to me.

OK, I've pushed it.

> I don't know the distinction between runas and runas /env

[1] explains it. I don't think there is a security pitfall here: The
responsibility is with the user who runs a 'runas' command or installs
a scripts that runs 'runas'.

> I was concerned that simply using getenv would introduce security problems.
> Bruno's patch contains a comment 
> containing the sort of explanation I was looking for.

More details:
The security problems are mitigated by the fact that the OS asks the user
before running a program with elevated privileges - even in the case where
the executable is configured to always run with elevated privileges [2].
In native Windows, a program cannot run code with elevated privileges
without the user being aware of it. There is the "task scheduler trick" [3]
but it too requires action by an administrator.


[1] http://ss64.com/nt/runas.html

reply via email to

[Prev in Thread] Current Thread [Next in Thread]