Eryk Sun <eryk...@gmail.com> added the comment:

> But isn't calling CMD's VER command risky? A process can overwrite its 
> PEB OSMajorVersion, OSMinorVersion, and OSBuildNumber. 

As long as VER is executed without quotes, the shell will not search for an 
external command. CMD is not going to intentionally overwrite the OS version 
and build number in the PEB, so that would be due to some kind of weird, 
unlikely bug. (CMD's code base is stable. It hasn't seen a new feature since 
MKLINK was added 15 years ago.) If malware messes with this, for some strange 
reason, it's not Python's problem. For example, I'll attach a debugger and do 
just that:

    0:000> ?? @$peb->OSMajorVersion = 11
    unsigned long 0xb
    0:000> ?? @$peb->OSMinorVersion = 0
    unsigned long 0
    0:000> ?? @$peb->OSBuildNumber = 0x8000
    unsigned short 0x8000

    C:\>ver
    Microsoft Windows [Version 11.0.32768.0]

Hi from the future. :)

> If the cmd has been set to compatibility mode 

"%SystemRoot%\System32\cmd.exe" is exempt from compatibility mode (e.g. the 
"__COMPAT_LAYER" environment variable).

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue43284>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to