On 3. 2. 2015 11:53, Georg Koppen wrote: > I am putting a patch inline (not sure if attachments are allowed on this > mailing list) that does not make it possible for a local process anymore > to replace canaries which in turn might disable SSP. Comments and/or > review are much appreciated. > > The problem it is trying to solve is outlined in > https://trac.torproject.org/13169#comment:4: > > (Quoting a cypherpunk) > > "In Windows you can to create any directories for any disks(C:, D:, .. > Z:), only system directories (Windows directory, Program files, etc) are > protected. Any process with privileges of any standard user can to > create C:\dev\urandom file and to fill it by any stuff."
Hi. This is maybe off-topic, but I'd like to point out that ACLs can be customized, so any assumption of this kind can be wrong. Also, the motivation for this patch should be "don't use /dev/urandom on Windows, because it's not a thing", not "someone could supply fake random data to us". -- David Macek
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Mingw-w64-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
