lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 11 Jan 2008 20:02:19 +0100
From: Casper.Dik@....COM
To: Alexander Bochmann <ab@...ts.gxis.de>
Cc: bugtraq@...urityfocus.com
Subject: Re: At long last -- Extra Outlooks! 


>...on Thu, Jan 10, 2008 at 10:28:34PM -0800, Thor (Hammer of God) wrote:
>
> > it turns out, Outlook is doing nothing close to what I feared.
> > Basically, the second instance sees that another Outlook window is
> > running in the same interactive logon space, and when it starts, it just
> > calls another popup in the previous Outlook space and then terminates
> > itself (that's close enough, anyway). The good news is that there is no
> > "user hopping" or "boundary crossing" here. 
>
>Sounds comparable to what the Windows Explorer does when 
>it is not expicitly set to run as a separate process (or 
>started with the /separate switch).


Or what firefox, mozilla and other do when you start them on the command 
line: open a new window/tab in the current session.

That was the first thing I was thinking off when I saw the description.

Except that typically these days the "RunAs" in unix terms would have 
failed with "Can't Open Display": a different user cannot open the display.

Casper

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ