[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2d6724810702201201s57745a67g24105c79a4ff3f42@mail.gmail.com>
Date: Tue, 20 Feb 2007 15:01:41 -0500
From: "T Biehn" <tbiehn@...il.com>
To: "Victor Krapivin" <vik@...nd.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Searching chroot-like jail for Windows
You can duplicate this behavior by using multiple accounts and using runas
(which is essentially, from what I gather, what winquota does.)
You can granularly adjust your user's permissions, not only the file
permissions but also some of the 'windows api permissions' (I don't know
their correct name.)
You could even do it all from the command line, probably using 'secedit' and
'net' and 'runas' (or a third party runas, I forget the name but it made up
for all runas failings.)
Using this you can construct a jail for risky software. (But there are still
privilege escalation attacks, window shattering, etc.)
On 2/20/07, Victor Krapivin <vik@...nd.com> wrote:
>
> Hello full-disclosure,
>
>
> > So is there anyone who can help me or who already implemented
>
> > a more chroot-like jail with microsoft windows?
>
>
> I've found such interesting tool named WinJail: www.winquota.com/wj/
>
>
> Did anybody seen it?
>
>
> --
>
> Best regards,
>
> Victor
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists