Windows XP does have file permissions but...

kojikun
BANNED
Posts: 9663
Joined: 2002-07-04 12:23am

Post by kojikun »

You're talking about a Microsoft product and you're SURPRISED THAT IT'S INSECURE!?
Yes! We have a soul! But it's made of lots of tiny robots.
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

Pu-239 wrote:Are the permissions built, like linux, so that you cannot overwrite anything you don't own, and programs running under your permissions can't either? I mean on my school computer I managed to install Mozilla on the c:\mozilla since I couldn't write in the Program Files folder. Why the hell does C:\ have write permissions for a regular user (by default?)? The only directory that should have these is anything under c:\application data (is this right?)\username\*. Even then I think you can make windows crash with a hacked user.dat (really is only a concern on multiuser (simultaneous) systems, is 2k/XP/NT multiuser?)
Anyone? I'm thinking no, otherwise viruses would be a nonissue.

ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost of a missile will also be shot at with missiles. -Sea Skimmer


George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
phongn
Rebel Leader
Posts: 18487
Joined: 2002-07-03 11:11pm

Post by phongn »

His Divine Shadow wrote:
Admiral Valdemar wrote:My only qualm with XP is the way it hogs resources and the GUI being Teletubby gay, but after customizing it I feel much better.
I don't see how it hogs resources. I removed NT4 on my old workstation at work (500 MHz Celeron with 256 MB RAM and an ATI128) and it was disgustingly faster and more efficient than a clean NT4 install.
Did NT have DMA turned on? There were a few tricks you had to do with NT4 to get it up to speed.
Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

Pu-239 wrote:Are the permissions built, like linux, so that you cannot overwrite anything you don't own, and programs running under your permissions can't either?
Yup. Here is the list of permissions:
  • Full Control
  • Traverse Folder / Execute File
  • List Folder / Read Data
  • Read Attributes
  • Read extended Attributes
  • Create Files / write data
  • Create Folders / Append data
  • Write attributes
  • Write extended attributes
  • Delete subfolders and files
  • Delete
  • Read permissions
  • Change permissions
  • Take Ownership
These can be allowed or denied to a single user or some group. Denied permissions take precedence over the allowed, and if you belong to a group/user that has denied permissions, well, it doesn't matter if you are the Administrator. (Yes, you can deny the Administrator from changing file permissions & taking ownership, but by default only Administrator is given these permissions.) The Administrators group is given special permissions which allow them to take ownership of a file/folder, even if that permission is denied to that group.

Also, permissions can be inherited from the 'parent' object, and there is also the ability to reset all child permissions to the current.

Also there is the ability to enable disk quota by user/group.
Pu-239 wrote:Why the hell does C:\ have write permissions for a regular user (by default?)?
Backwards compatibility. But it is trivial to change.

There is a command line utility which can be used to change various permissions & force the child objects to have the same permissions (if you have permissions to do so, of course).
Pu-239 wrote:The only directory that should have these is anything under c:\application data (is this right?)\username\*.
The actual path name is (by default):
"c:\documents and settings\username"
And yes, this is the only directory a user should be allowed to write to. Other directories the user shouldn't even read.
Pu-239 wrote:Even then I think you can make windows crash with a hacked user.dat (really is only a concern on multiuser (simultaneous) systems, is 2k/XP/NT multiuser?)
2k/XP/NT is multiuser. By default, however, the average user can't access this. How a WinNT-derivative OS implements various features is dependent on having multiple users logged in.

An example of this is 'fast user switching' in XP. A user can quickly log out, and all the user's stuff is actually still running; it just doesn't have access to the desktop (without some serious trickery by a program).

I haven't yet found the place where permissions are stored to allow a given user the rights to see programs which have been created in another user space when you load up the task manager.
"Okay, I'll have the truth with a side order of clarity." ~ Dr. Daniel Jackson.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
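The evaluation order behind the allow/deny behaviour described in the post above, as an added example that is not part of the original thread: a simplified Python model of how an NT-style access check walks an ACL. The bit values, account names and sample ACLs are constructed, and the model goes one step beyond the post by also covering inherited entries.

```python
from dataclasses import dataclass
from enum import IntFlag

class Right(IntFlag):
    """Model bit values, not the real Windows access-mask constants."""
    READ_DATA = 0x01
    WRITE_DATA = 0x02            # "Create Files / Write Data"
    DELETE = 0x04
    READ_PERMISSIONS = 0x08
    CHANGE_PERMISSIONS = 0x10
    TAKE_OWNERSHIP = 0x20

FULL_CONTROL = Right(0x3F)

@dataclass(frozen=True)
class Ace:
    kind: str                    # "allow" or "deny"
    trustee: str                 # user or group the entry applies to
    mask: Right
    inherited: bool = False      # True if it came from the parent folder

@dataclass(frozen=True)
class Token:
    sids: frozenset              # the user plus every group they belong to
    privileges: frozenset = frozenset()

def canonical(dacl):
    """Canonical order: explicit deny, explicit allow, inherited deny, inherited allow."""
    return sorted(dacl, key=lambda a: (a.inherited, a.kind != "deny"))

def access_check(token, owner, dacl, desired):
    """Walk the ACL in stored order; the first entry that settles a requested bit wins."""
    remaining = int(desired)
    if "SeTakeOwnershipPrivilege" in token.privileges:
        remaining &= ~int(Right.TAKE_OWNERSHIP)       # privilege is checked before the ACL
    if owner in token.sids:                           # the owner can always read/change the ACL
        remaining &= ~int(Right.READ_PERMISSIONS | Right.CHANGE_PERMISSIONS)
    for ace in dacl:
        if ace.trustee not in token.sids:
            continue
        if ace.kind == "deny":
            if int(ace.mask) & remaining:
                return False                          # a still-needed bit is denied
        else:
            remaining &= ~int(ace.mask)               # these bits are now granted
    return remaining == 0                             # leftovers are implicitly denied

# Constructed sample: a lab folder; every name below is illustrative.
LOCKED = Right.WRITE_DATA | Right.CHANGE_PERMISSIONS | Right.TAKE_OWNERSHIP
LAB = canonical([
    Ace("allow", "Administrators", FULL_CONTROL),
    Ace("deny", "Students", LOCKED),
    Ace("allow", "Users", Right.READ_DATA | Right.WRITE_DATA, inherited=True),
])
# Child folder: the parent passes down a deny, the folder itself carries an allow.
CHILD = canonical([
    Ace("deny", "Students", Right.WRITE_DATA, inherited=True),
    Ace("allow", "Students", Right.WRITE_DATA),
])
PUPIL = Token(frozenset({"pupil", "Students", "Users"}))
ADMIN = Token(frozenset({"teacher", "Students", "Administrators"}),
              frozenset({"SeTakeOwnershipPrivilege"}))

def demo():
    return {
        "pupil_read": access_check(PUPIL, "SYSTEM", LAB, Right.READ_DATA),
        "pupil_write": access_check(PUPIL, "SYSTEM", LAB, Right.WRITE_DATA),
        "admin_write": access_check(ADMIN, "SYSTEM", LAB, Right.WRITE_DATA),
        "admin_take_ownership": access_check(ADMIN, "SYSTEM", LAB, Right.TAKE_OWNERSHIP),
        "admin_change_acl": access_check(ADMIN, "SYSTEM", LAB, Right.CHANGE_PERMISSIONS),
        "admin_change_acl_as_owner": access_check(ADMIN, "teacher", LAB, Right.CHANGE_PERMISSIONS),
        "pupil_write_child": access_check(PUPIL, "SYSTEM", CHILD, Right.WRITE_DATA),
    }

if __name__ == "__main__":
    for name, granted in demo().items():
        print(f"{name:28} {'granted' if granted else 'denied'}")
```

The last case is the one to check when auditing: an explicit allow on a folder is evaluated before a deny inherited from its parent, so a deny set high in the tree does not guarantee the right is blocked everywhere below it.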
phongn
Rebel Leader
Posts: 18487
Joined: 2002-07-03 11:11pm

Post by phongn »

Pu-239 wrote:Are the permissions built, like linux, so that you cannot overwrite anything you don't own, and programs running under your permissions can't either?
Yes, with one caveat: some programs are not well-programmed and are run under elevated security rights (the frontend to VirusScan, for example).
Pu-239 wrote:I mean on my school computer I managed to install Mozilla on the c:\mozilla since I couldn't write in the Program Files folder. Why the hell does C:\ have write permissions for a regular user (by default?)?
Because your school's staff doesn't know what they are doing. My school doesn't let you touch the C partition on their public terminals. Secondly, because C:\ is not equivalent to / on Unix.
Pu-239 wrote:The only directory that should have these is anything under c:\application data (is this right?)\username\*. Even then I think you can make windows crash with a hacked user.dat (really is only a concern on multiuser (simultaneous) systems, is 2k/XP/NT multiuser?)
NT is multiuser, though to the extent it is depends on which one you get.
Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

Pu-239 wrote:
Pu-239 wrote:Are the permissions built, like linux, so that you cannot overwrite anything you don't own, and programs running under your permissions can't either? I mean on my school computer I managed to install Mozilla on the c:\mozilla since I couldn't write in the Program Files folder. Why the hell does C:\ have write permissions for a regular user (by default?)? The only directory that should have these is anything under c:\application data (is this right?)\username\*. Even then I think you can make windows crash with a hacked user.dat (really is only a concern on multiuser (simultaneous) systems, is 2k/XP/NT multiuser?)
Anyone? I'm thinking no, otherwise viruses would be a nonissue.
Also make sure a user does NOT have debug privileges. Otherwise they can debug the kernel & give themselves extra permissions (I am not joking).

But correct use of file (and registry) permissions can drastically reduce how viruses can spread. A virus may still trash a single user (and then only things which are allowed to change), but it shouldn't affect the entire computer.
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

So that means NT based computers cannot be nuked by viruses? I find that hard to believe. Can someone confirm this? Can devices still be written to directly without accessing the filesystem (probably since DirectX allegedly directly accesses the graphics card)? Under *nix, you have device permissions too. That might explain this. This also might be why Windows is insecure and unstable (compared to *nix).

Well it's pretty stupid anyways to have write permission on C:\ by default

Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

Pu-239 wrote:So that means NT based computers cannot be nuked by viruses? I find that hard to believe. Can someone confirm this.
Properly set up, an NT machine wouldn't get nuked by a virus written for win9x/DOS. There are some security flaws which you can exploit to gain access where you shouldn't & get extra permissions when you shouldn't, but the viruses written for win9x/DOS will not work on a properly secured NT machine. So you can write viruses which would kill an NT machine, but those rely on a few exploits & poor/ill-informed setup of security permissions.
Pu-239 wrote:Can devices still be written to directly without accessing the filesystem (probably since DirectX allegedly directly accesses the graphics card).
The user cannot directly access any device; the user must use a device driver to do so. There are various APIs which you can use to manipulate devices, and devices are also mapped to files (the format is fairly convoluted).

Device drivers can run in the kernel namespace, the user's namespace or as services (which typically run in a different namespace). Where it runs is dependent on what it does, and how it does it. Physical device drivers run in the kernel namespace (like the graphics card driver, hard drive driver, etc.) or sit on top of other drivers and use them to implement a device.

Normally there will be a user level device interface & a kernel level driver. This is what DirectX is, a thin wrapper which hosts a bunch of device drivers. DirectX itself doesn't directly access anything; it makes calls to the actual kernel/user level driver to do the dirty work.
Pu-239 wrote:Under *nix, you have device permissions too. That might explain this. This also might be why windows is insecure and unstable (compared to *nix).
Generally Windows is unstable due to badly written kernel level device drivers. Badly written user level device drivers normally don't crash the system, but don't make it a positive experience for the user.
Pu-239 wrote:Well it's pretty stupid anyways to have write permission on C:\ by default
Very stupid, personally I think heads should roll in the IT department for that.
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

I'm confused. How is X able to access graphics hardware without being SUID, while SVGALIB can? Or is X SUID too? Never checked the permissions for X.

I meant by direct access that you don't have to use the API or filesystem, etc., just by passing signals low-level hardware drivers. For example, a virus would overwrite the boot record, etc. In Linux, for example, if you want to zero out the drive, you do

    dd if=/dev/zero of=/dev/hda1

And what about device permissions, for example if you don't want a user to use a modem?

Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

Of course, under Linux you have to be root to do that, or have made the permissions **6 or **2 or **7, which would be stupid.

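A check for the misconfiguration named in the post above (a disk node whose last permission digit includes the write bit), as an added example that is not part of the original thread. It also flags serial ports open to every user, which is where the modem question lands on Linux; the function names, the serial-port prefix list and the sample modes are assumptions constructed for the example.

```python
import os
import stat

# Device-name prefixes under which a modem usually appears (assumed list).
SERIAL_PREFIXES = ("ttyS", "ttyUSB", "ttyACM")


def audit_device_modes(entries):
    """entries: iterable of (path, st_mode). Returns [(path, octal_perms, severity, reason)]."""
    findings = []
    for path, mode in entries:
        perms = stat.S_IMODE(mode)
        name = os.path.basename(path)
        if stat.S_ISBLK(mode):
            if perms & stat.S_IWOTH:
                # "other" digit is 2, 3, 6 or 7: any account can overwrite the raw disk
                findings.append((path, oct(perms), "high", "disk writable by every user"))
            elif perms & stat.S_IWGRP:
                # normal for root:disk, but group membership then equals raw disk write
                findings.append((path, oct(perms), "review", "disk writable by its group"))
        elif stat.S_ISCHR(mode) and name.startswith(SERIAL_PREFIXES):
            if perms & (stat.S_IROTH | stat.S_IWOTH):
                findings.append((path, oct(perms), "high", "serial port open to every user"))
    return findings


def scan(dev_dir="/dev"):
    """Collect (path, st_mode) for nodes directly under dev_dir without following symlinks."""
    entries = []
    for entry in os.scandir(dev_dir):
        try:
            entries.append((entry.path, entry.stat(follow_symlinks=False).st_mode))
        except OSError:
            continue  # node vanished or is unreadable; skip it
    return entries


# Constructed sample modes, so the logic can be exercised without touching /dev.
SAMPLE = [
    ("/dev/hda1", stat.S_IFBLK | 0o660),
    ("/dev/hdb1", stat.S_IFBLK | 0o666),
    ("/dev/hdc", stat.S_IFBLK | 0o600),
    ("/dev/null", stat.S_IFCHR | 0o666),   # world-writable by design, not reported
    ("/dev/ttyS0", stat.S_IFCHR | 0o666),
    ("/dev/ttyS1", stat.S_IFCHR | 0o660),
]

if __name__ == "__main__":
    for path, perms, severity, reason in audit_device_modes(SAMPLE):
        print(f"{severity:6} {path:12} {perms:6} {reason}")
```

Passing `scan()` instead of `SAMPLE` runs the same check against the live `/dev` directory.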
Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

Pu-239 wrote: I meant by direct access that you don't have to use the API or filesystem, etc., just by passing signals low-level hardware drivers. For example, a virus would overwrite the boot record, etc. In Linux, for example, if you want to zero out the drive, you do

    dd if=/dev/zero of=/dev/hda1

I don't know of any way that can be done without using an API or the filesystem.
Pu-239 wrote: And what about device permissions, for example if you don't want a user to use a modem?
As far as I'm aware you can't do that under Windows. You can however prevent them from creating/deleting new dialup connections (they can use existing ones). I know there are permissions that you can set on printers/scanners/faxes.

Various drives can be rigged to be unmounted/mounted for a user (this would probably affect every user logged on).

Of course you could always get a device driver that was user aware, but most existing device drivers aren't.
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

http://www-2.cs.cmu.edu/~jparise/directx/
DirectX Resources

DirectX is Microsoft's answer to the developer community's need for a standardized interface to a computer's hardware resources. For system stability and security reasons, Windows no longer allows direct hardware access to userland applications. Some applications, such as games, require this kind of direct access to the underlying hardware, though, so DirectX effectively punches holes in Windows' hardware abstraction layer.

DirectX has evolved a tremendous amount since its initial releases. In my opinion, it is now a very mature and reliable development platform.

Below is a collection of resources that I have found useful when doing DirectX development.

* DirectX on MSDN

Here are some resources that I've authored:

* DirectInput Joystick
http://www.tldp.org/HOWTO/Linux-Gamers- ... ml#DIRECTX
3.14. What is DirectX?

DirectX is a collection of proprietary multimedia API's, first developed by Microsoft in 1995, for its various Windows OS's. It's a mistake to say something like "DirectX is like OpenGL" or "DirectX is like SDL", as is commonly said in DirectX tutorials. Multimedia API's are more centralized on Windows than they are on Linux. A more accurate statement would be something like "DirectX is like DRI, OpenGL and SDL combined". As of Feb 2002, the most recent version of DirectX is 8.1. The components of DirectX are:

DirectDraw

DirectDraw gives direct access to video memory, like DRI, so 2D graphics can be blitted directly to the video card. DirectDraw is like the graphical component of SDL, but the direct video card access is done by DRI rather than SDL. This is why a game can easily take out a Windows system but should not take down a Linux system.

Direct3D (D3D)

Direct3D, like OpenGL, provides a 3D graphics API. Whereas OpenGL is open source, lower level and compiles under a multitude of operating systems, D3D is proprietary, higher level and only compiles on Windows. D3D first appeared in DirectX 2, released in 1996.

DirectXAudio

Direct Audio is a combination of 2 audio API's, DirectSound and DirectMusic, which allows direct access to the sound card for sound and music playback.

DirectInput

DirectInput gives support for gaming input devices such as joysticks.

DirectPlay

DirectPlay gives support for simplified networking for multiplayer gaming.

DirectShow

DirectShow provides support for movie files like AVI and MPG. It was a separate API from DirectX, but was integrated with DirectX 8.

DirectSetup

This API provides a way to install DirectX from within an application to simplify game installation.

DirectX is "kind of" supported by winex (Section 10.4.3), poorly supported by wine (Section 10.4.1), barely supported by vmware (Section 10.4.5) and unsupported by Win4Lin (Section 10.4.4).

One comment about portability. Each component of DirectX has multiple corresponding libraries on Linux. Moreover, a game writer who uses libraries like OpenGL, GGI or SDL will write a game which will trivially compile on Windows, Linux and a multitude of other OS's. Yet game companies persist in using DirectX and therefore limit their audience to Windows users only. If you're a game writer, please consider using cross platform libraries and stay away from DirectX.

A company named realtechVR started an open source project, DirectX Port, <http://www.v3x.net/directx> which, like wine, provides a Direct3D emulation layer that implements Direct3D calls. The project was focused on the BeOS platform, but is now focused on MacOS and Linux. You can get the latest cvs from their sourceforge page at <http://sourceforge.net/projects/dxglwrap>.

Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

Pu-239 wrote: http://www-2.cs.cmu.edu/~jparise/directx/
DirectX effectively punches holes in Windows' hardware abstraction layer.
Marketing hype, and mostly true. DirectX is a much thinner wrapper around the hardware than standard windows graphics.
http://www.tldp.org/HOWTO/Linux-Gamers- ... ml#DIRECTX
DirectDraw is like the graphical component of SDL, but the direct video card access is done by DRI rather than SDL. This is why a game can easily take out a Windows system but should not take down a Linux system.
DirectX games don't take down WinXP & Win2k machines like they do Win9x. Win9x is a horrid platform and shouldn't be used to compare Windows-based OS's against modern OS's.
http://msdn.microsoft.com/library/en-us ... xovrvw.asp

DirectX provides a “hardware abstraction layer” (HAL for short) that uses software drivers to communicate between game software and computer hardware
http://msdn.microsoft.com/archive/defau ... d_6z3n.asp

Hardware Abstraction Layer
Microsoft® Direct3D® provides device independence through the hardware abstraction layer (HAL). The HAL is a device-specific interface, provided by the device manufacturer, that Direct3D uses to work directly with the display hardware. Applications never interact with the HAL. Rather, with the infrastructure that the HAL provides, Direct3D exposes a consistent set of interfaces and methods that an application uses to display graphics. The device manufacturer implements the HAL in a combination of 16-bit and 32-bit code under Microsoft Windows®. Under Windows NT® and Windows 2000, the HAL is always implemented in 32-bit code. The HAL can be part of the display driver or a separate dynamic-link library (DLL) that communicates with the display driver through a private interface that driver's creator defines.

The Direct3D HAL is implemented by the chip manufacturer, board producer, or original equipment manufacturer (OEM). The HAL implements only device-dependent code and performs no emulation. If a function is not performed by the hardware, the HAL does not report it as a hardware capability. Additionally, the HAL does not validate parameters; Direct3D does this before the HAL is invoked.

In DirectX 8.0, the HAL can have three different vertex processing modes: software vertex processing, hardware vertex processing, and mixed vertex processing on the same device. The pure device mode is a variant of the HAL device. The pure device type supports hardware vertex processing only, and allows only a small subset of the device state to be queried by the application. Additionally, the pure device is available only on adapters that have a minimum level of capabilities.
Slartibartfast
Emperor's Hand
Posts: 6730
Joined: 2002-09-10 05:35pm
Location: Where The Sea Meets The Sky

Post by Slartibartfast »

Pu-239 wrote:Are the permissions built, like linux, so that you cannot overwrite anything you don't own, and programs running under your permissions can't either? I mean on my school computer I managed to install Mozilla on the c:\mozilla since I couldn't write in the Program Files folder. Why the hell does C:\ have write permissions for a regular user (by default?)? The only directory that should have these is anything under c:\application data (is this right?)\username\*. Even then I think you can make windows crash with a hacked user.dat (really is only a concern on multiuser (simultaneous) systems, is 2k/XP/NT multiuser?)
They are built-in in the NTFS file system. Encryption is optional.

Normally everything is read-write-free at least for Admin users, maybe that particular computer was set that way.

This doesn't mean it's bulletproof of course. I think there's a boot disk somewhere that pretty much lets you do what you want with NTFS.
Xon
Sith Acolyte
Posts: 6206
Joined: 2002-07-16 06:12am
Location: Western Australia

Post by Xon »

Slartibartfast wrote: They are built-in in the NTFS file system. Encryption is optional.

Normally everything is read-write-free at least for Admin users, maybe that particular computer was set that way.

This doesn't mean it's bulletproof of course. I think there's a boot disk somewhere that pretty much lets you do what you want with NTFS.
Encryption & compression are supported in NTFS5, and the encryption appears to be half-way decent.

Yes, there is a boot disk somewhere which ignores file permissions, as it is a custom written file system reader. However this wouldn't defeat the encryption, as it is actually encrypted on disk rather than some driver based lock.

But then again, you get physical access to any hard drive and you can practically ignore any file permissions it has regardless of the actual file system, with the right software of course.
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

http://www.brienposey.com/kb/working_wi ... yption.asp

Can you recover the keys once you have access to the user's account?
