Eryk Sun <eryk...@gmail.com> added the comment:
> But isn't calling CMD's VER command risky? A process can overwrite its
> PEB OSMajorVersion, OSMinorVersion, and OSBuildNumber.
As long as VER is executed without quotes, the shell will not search for an
external command. CMD is not going to intentionally overwrite the OS version
and build number in the PEB, so that would be due to some kind of weird,
unlikely bug. (CMD's code base is stable. It hasn't seen a new feature since
MKLINK was added 15 years ago.) If malware messes with this, for some strange
reason, it's not Python's problem. For example, I'll attach a debugger and do
just that:
0:000> ?? @$peb->OSMajorVersion = 11
unsigned long 0xb
0:000> ?? @$peb->OSMinorVersion = 0
unsigned long 0
0:000> ?? @$peb->OSBuildNumber = 0x8000
unsigned short 0x8000
C:\>ver
Microsoft Windows [Version 11.0.32768.0]
Hi from the future. :)
> If the cmd has been set to compatibility mode
"%SystemRoot%\System32\cmd.exe" is exempt from compatibility mode (e.g. the
"__COMPAT_LAYER" environment variable).
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue43284>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
