UAC not a "security boundary."

Posted: 09-17-2008, 01:55 AM
Does anyone know, why MS does not consider UAC to be a security boundary?
And what are the trade-offs involved with making it one? Is it not possible
to make it a security boundary? It seems kinda anti-customer to say "if we
find a security exploit in our code (in UAC) we won't fix it," doesn't it?
I wish this would be fixed in Windows 7, but I admit I don't understand all
the issues involved, so any help would be nice.

UAC not a "security boundary."


Responses to "UAC not a "security boundary.""

FromTheRafters
Guest
Posts: n/a
 
Re: UAC not a "security boundary."
Posted: 09-17-2008, 02:44 AM
http://www.microsoft.com/technet/tec...C/default.aspx

Right near the bottom.

"James R. Gentile" <no1@nowhere.net> wrote in message
news:bK2dnfIw_fEv_k3VnZ2dnUVZ_judnZ2d@comcast.com. ..
> Does anyone know, why MS does not consider UAC to be a security boundary?
> And what are the trade-offs involved with making it one? Is it not
> possible to make it a security boundary? It seems kinda anti-customer to
> say "if we find a security exploit in our code (in UAC) we won't fix it,"
> doesn't it? I wish this would be fixed in Windows 7, but I admit I don't
> understand all the issues involved, so any help would be nice.
Victor Constantinescu
Guest
Posts: n/a
 
Re: UAC not a "security boundary."
Posted: 09-20-2008, 10:18 AM
Hi,
Mark Russinovich explains it best in his presentation "Windows Security
Boundaries". You can view it on technet spotlight here:
http://www.microsoft.com/emea/spotli...px?videoid=993

--
Victor Constantinescu aka YounGun
Security MVP
http://victor-youngun.blogspot.com/


"James R. Gentile" <no1@nowhere.net> wrote in message
news:bK2dnfIw_fEv_k3VnZ2dnUVZ_judnZ2d@comcast.com. ..
> Does anyone know, why MS does not consider UAC to be a security boundary?
> And what are the trade-offs involved with making it one? Is it not
> possible to make it a security boundary? It seems kinda anti-customer to
> say "if we find a security exploit in our code (in UAC) we won't fix it,"
> doesn't it? I wish this would be fixed in Windows 7, but I admit I don't
> understand all the issues involved, so any help would be nice.
James R. Gentile
Guest
Posts: n/a
 
Re: UAC not a "security boundary."
Posted: 09-25-2008, 06:58 AM
Good article, and good video, thanks to both of you.

"James R. Gentile" <no1@nowhere.net> wrote in message
news:bK2dnfIw_fEv_k3VnZ2dnUVZ_judnZ2d@comcast.com. ..
> Does anyone know, why MS does not consider UAC to be a security boundary?
> And what are the trade-offs involved with making it one? Is it not
> possible to make it a security boundary? It seems kinda anti-customer to
> say "if we find a security exploit in our code (in UAC) we won't fix it,"
> doesn't it? I wish this would be fixed in Windows 7, but I admit I don't
> understand all the issues involved, so any help would be nice.
 
LinkBack Thread Tools Display Modes
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I add the icons "Delete", "Cut", "Copy" and "Paste" in Vis Moonwalker Windows Vista File Management 5 09-17-2007 10:53 PM
Cookies will not enable even after changing settings for "Security" and "Privacy" tabs in "Internet Options", any suggestions? tianimh Windows XP Help & Support 2 01-27-2004 12:46 AM
TD Error: 1004: Invalid resource: "<File(819):"%17%","machine.inf">": Juergen Striegel Windows XP Embedded 2 11-28-2003 12:20 PM
Manual "Windows Update" produces "ActiveX/active scripting" error message even with "LOW" security level setting in "Trusted" Zone Ray2 Windows XP Help & Support 1 11-14-2003 06:50 PM
"Microsoft Baseline Security Analyzer" "DCOM-KB827363" samk Windows XP Security & Administration 1 09-13-2003 03:25 AM