English 中文(简体)
Using EventLog objects can cause security holes?
原标题:

While reading the Traning Guide for the 70-536 exam written by Tony Northup and friends, I came across the following:

CAUTION - Avoid EventLog objects in partial trust environments
Use of EventLog objects in a partial trust environment can cause serious security holes and should be avoided if at all possible

He basically indicates that because the EventLogPermission is required for a lot of the EventLog usage, this can open a serious security vulnerability. Mischievous code running with this permission granted could, for example, shut down antivirus or spyware detection applications yet make it appear as if it s still running. "The potential is endless".

Is this a serious concern?

最佳回答

Yes, you explained yourself why; a malicious program could shutdown an antivirus program without having an "antivirus shutdown!" event sent to the system s eventlog (like it normally would).

This doesn t mean "don t use Eventlog," it just means "don t pass an Eventlog object to less-trusted processes"

时间:2010-01-28 19:11:42
问题回答

暂无回答


上一篇:
下一篇:


相关问题
Manually implementing high performance algorithms in .NET

As a learning experience I recently tried implementing Quicksort with 3 way partitioning in C#. Apart from needing to add an extra range check on the left/right variables before the recursive call, ...

时间:2009-11-13 05:18:58 回答:3 展示:1
Anyone feel like passing it forward?

I m the only developer in my company, and am getting along well as an autodidact, but I know I m missing out on the education one gets from working with and having code reviewed by more senior devs. ...

时间:2009-11-13 04:17:47 回答:6 展示:1
How do I compare two decimals to 10 decimal places?

I m using decimal type (.net), and I want to see if two numbers are equal. But I only want to be accurate to 10 decimal places. For example take these three numbers. I want them all to be equal. 0....

时间:2009-11-09 14:49:31 回答:5 展示:1
Exception practices when creating a SynchronizationContext?

I m creating an STA version of the SynchronizationContext for use in Windows Workflow 4.0. I m wondering what to do about exceptions when Post-ing callbacks. The SynchronizationContext can be used ...

时间:2009-11-09 14:49:02 回答:2 展示:1
Show running instance in single instance application

I am building an application with C#. I managed to turn this into a single instance application by checking if the same process is already running. Process[] pname = Process.GetProcessesByName("...

时间:2009-11-05 09:45:17 回答:1 展示:1
How to combine DataTrigger and EventTrigger?

NOTE I have asked the related question (with an accepted answer): How to combine DataTrigger and Trigger? I think I need to combine an EventTrigger and a DataTrigger to achieve what I m after: when ...

时间:2009-11-05 09:35:38 回答:4 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全