Welcome to Vista Banter. You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to ask questions and reply to others posts, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact support. |
|
Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security) |
|
LinkBack | Thread Tools | Display Modes |
|
|||
The multi-desktop kludge for process isolation
In Vista, if I want to ensure that two processes can't read each other's
files, then I have to run those processes as separate users. This would be practical if I could mix different users' processes' windows on one desktop, in order to have ready access to them all. So why can't I do this? Why do all of the windows for each user have to be isolated onto per-user desktops, with the desktops switched among using FUS? |
|
|||
The multi-desktop kludge for process isolation
"Jimmy Brush" wrote in message
... Hello, You can mix different users windows onto one desktop using the runas command line tool. Excellent! Thank you. But I've already run into one problem: I got cmd, calc, and notepad to run successfully as another user, but when I try explorer, nothing starts. After runas gets the password, displays the standard 'Attempting to start explorer as user "machine\foo" ...', and returns, nothing else happens; explorer doesn't start. No error message is given. BTW, how secure is the process isolation? If I run a program simultaneously as two different users on the same desktop, what communication paths are available by default for these two processes to communicate with each other? (I ask because I want to be able to ensure isolation even while assuming that the processes will try any means possible to communicate with each other.) Is it possible to prevent each one from knowing that the other one is even running? Also, I don't suppose it's possible to move a currently open window (running either as the current user or as another user) to another user's desktop... |
|
|||
The multi-desktop kludge for process isolation
snip
but when I try explorer, nothing starts. Unfortunately, explorer does not allow itself to be ran in the context of a different user. I'm not aware of the technical (or non-technical) reasons why. snip BTW, how secure is the process isolation? I do not believe processes running on the same desktop are isolated in any special way (even if they are running in the context of another user), except for the isolation involved through UAC. If one program is running as a standard user and another program is running as an administrator, then UAC enforces this seperation. The application can interact with the other windows on your desktop, since it belongs to the same desktop; however, it runs from the user and security context of the other user (it only has access to the objects that the other user does, and when it accesses say HKEY_CURRENT_USER it is talking to the other user's registry hive). Windows running in the same desktop have many means of communciation with each other - they can use the clipboard and send window messages to each other, not to mention use the lines of communication that are available to any program regardless of desktop (named/unnamed pipes, sockets, shared memory, etc). Is it possible to prevent each one from knowing that the other one is even running? Not that I am aware of. Also, I don't suppose it's possible to move a currently open window (running either as the current user or as another user) to another user's desktop... My unerstanding is that once a window is created it is permanently attached to the desktop in which it was created. -- - JB Windows Vista Support Faq http://www.jimmah.com/vista/ |
Thread Tools | |
Display Modes | |
|
|