[Full-disclosure] Searching chroot-like jail for Windows
T Biehn
tbiehn at gmail.com
Tue Feb 20 20:01:41 GMT 2007
You can duplicate this behavior by using multiple accounts and using runas
(which is essentially, from what I gather, what winquota does.)
You can granularly adjust your user's permissions, not only the file
permissions but also some of the 'windows api permissions' (I don't know
their correct name.)
You could even do it all from the command line, probably using 'secedit' and
'net' and 'runas' (or a third party runas, I forget the name but it made up
for all runas failings.)
Using this you can construct a jail for risky software. (But there are still
privilege escalation attacks, window shattering, etc.)
On 2/20/07, Victor Krapivin <vik at scand.com> wrote:
>
> Hello full-disclosure,
>
>
> > So is there anyone who can help me or who already implemented
>
> > a more chroot-like jail with microsoft windows?
>
>
> I've found such interesting tool named WinJail: www.winquota.com/wj/
>
>
> Did anybody seen it?
>
>
> --
>
> Best regards,
>
> Victor
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070220/33aead9b/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.