Hi,
I'm now looking at some of the failures for the security tests on Vista. Apparently PROCESS_ALL_ACCESS which is defined as:
#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0xfff)
is changed on Vista:
#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0xffff)
Should I change the tests (CreateProcess) to check for both possibilities or should our PROCESS_ALL_ACCESS be changed?
I'm not sure what implications the latter one has yet. Only that using that mask on other windows versions will/could fail.
On Mon, Mar 17, 2008 at 10:41 AM, Paul Vriens paul.vriens.wine@gmail.com wrote:
Hi,
I'm now looking at some of the failures for the security tests on Vista. Apparently PROCESS_ALL_ACCESS which is defined as:
#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0xfff)
is changed on Vista:
#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0xffff)
Should I change the tests (CreateProcess) to check for both possibilities or should our PROCESS_ALL_ACCESS be changed?
I'm not sure what implications the latter one has yet. Only that using that mask on other windows versions will/could fail.
Windows Vista/Windows Server 2008 have a new permission flag, PROCESS_QUERY_LIMITED_INFORMATION, with a value of 0x1000. That's why they added the extra nibble. The permission check code isn't supposed to check bits it doesn't know about, so it should be harmless to enable the extra nibble even on older versions.
Carl Fongheiser
-
Carl Fongheiser -
Paul Vriens