« previous next »
Pages: 1 [2]   Go Down

Author Topic: Avast and Session 0 isolation in Vista  (Read 10687 times)

0 Members and 1 Guest are viewing this topic.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: Avast and Session 0 isolation in Vista
« Reply #15 on: November 29, 2006, 04:21:35 PM »
Quote from: jamesvaul on November 29, 2006, 04:15:03 PM
Quote from: Vlk on November 28, 2006, 07:17:17 PM
Unfortunately, this is not the case... The principal problem is that unlike in Unix/Linux, an already running process cannot be elevated. Ie. the elevation can only occur during process startup.

This is TOTALLY false! UAC is fully programmable and it's better than linux' SUDO!
You can start to study it from here: http://msdn.microsoft.com/windowsvista/reference/default.aspx?pull=/library/en-us/dnlong/html/AccProtVista.asp

jamesvaul, trust me, it is not false (at all).
I know the document very well, and I even personally know some of the people directly involved in the UAC team at Microsoft (we have discussed these things together). I understand UAC pretty well. ;)

You're misinterpreting my statement, UAC is indeed "fully programmable" but what I said still stands (but it's probably too technical to discuss here)...

No need to argue.
Logged
If at first you don't succeed, then skydiving's not for you.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11850
    • AVAST Software
Re: Avast and Session 0 isolation in Vista
« Reply #16 on: November 29, 2006, 04:27:06 PM »
Besides, if you scroll near the bottom of this document, you can read:

..."Since a process that has started, cannot elevate its permissions, there must be a strategy to launch a separate process if additional privilege is required." ...
Logged
Pages: 1 [2]   Go Up
« previous next »