<div><br>Interesting, very interesting. I'll take a look</div>
<div> </div>
<div>regards,</div>
<div>Luciano</div>
<div>(new in the list)<br> </div>
<div><span class="gmail_quote">2006/1/31, <a href="mailto:sudhakar+fulldisclosure@cs.princeton.edu">sudhakar+fulldisclosure@cs.princeton.edu</a> <<a href="mailto:sudhakar+fulldisclosure@cs.princeton.edu">sudhakar+fulldisclosure@cs.princeton.edu</a>>:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><br>Hello everybody,<br><br>We have constructed a logical model of Windows XP access control, in a<br>declarative but executable (Datalog) format. We have built a scanner
<br>that reads access-control configuration information from the Windows<br>registry, file system, and service control manager database, and feeds<br>raw configuration data to the model. Therefore we can reason about<br>
such things as the existence of privilege-escalation attacks, and<br>indeed we have found several user-to-administrator vulnerabilities<br>caused by misconfigurations of the access-control lists of commercial<br>software from several major vendors. We propose tools such as ours as
<br>a vehicle for software developers and system administrators to model<br>and debug the complex interactions of access control on installations<br>under Windows.<br><br><br>The full version of the paper can be found at:
<br><br><a href="http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf">http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf</a><br><br><br>All the vendors and CERT are aware of this paper. The bugs are *not*<br>remotely exploitable. The CERT id is VU#953860.
<br><br><br>regards,<br>Sudhakar Govindavajhala and Andrew Appel.<br><br>Bio:<br><br>Sudhakar Govindavajhala is a finishing PhD student at Computer Science<br>department, Princeton University. His interests are computer security,
<br>operating systems and networks. Sudhakar is looking for employment<br>opportunities.<br><br><br>Andrew Appel is a Professor of Computer Science at Princeton University.<br>He is currently on sabbatical at INRIA Rocquencourt. His interests are
<br>computer security, compilers, programming languages, type theory, and<br>functional programming.<br><br><br><br><br><br><br>Sudhakar Govindavajhala Department of Computer Science<br>Graduate Student, Princeton University
<br>Ph : +1 609 258 1763<br> <a href="http://www.cs.princeton.edu/~sudhakar">http://www.cs.princeton.edu/~sudhakar</a><br>_______________________________________________<br>Full-Disclosure - We believe in it.
<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/
</a><br></blockquote></div><br>
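<div>The approach quoted above, reduced to a runnable toy as an added example (this is not code from the paper or from the list post): a naive bottom-up Datalog evaluator over constructed access-control facts. The principals, service and paths are hypothetical, and the single escalation rule used here, that whoever can rewrite a service's executable effectively acts as the service's account, is an assumed illustration of the kind of ACL-misconfiguration reasoning the post describes; a real scanner would feed in facts extracted from the registry, file system and SCM.</div>

```python
def solve(body, facts, env):
    # Enumerate bindings of rule variables (written '?x') satisfying every atom of body.
    if not body:
        yield env
        return
    atom = body[0]
    for fact in facts:
        if len(fact) != len(atom):
            continue
        e = dict(env)
        if all(e.setdefault(p, f) == f if p.startswith("?") else p == f
               for p, f in zip(atom, fact)):
            yield from solve(body[1:], facts, e)

def fixpoint(facts, rules):
    # Naive bottom-up Datalog evaluation: apply rules until nothing new is derived.
    facts = set(facts)
    while True:
        new = {tuple(env.get(t, t) for t in head)
               for head, body in rules for env in solve(body, facts, {})}
        if new <= facts:
            return facts
        facts |= new

# Constructed sample configuration (hypothetical names). The paper's scanner
# would extract facts like these from the registry, file system and SCM.
FACTS = {
    ("member", "alice", "Users"), ("member", "dave", "Guests"),
    ("runs_as", "VendorSvc", "SYSTEM"), ("binary", "VendorSvc", r"C:\Vendor\svc.exe"),
    ("acl", "Users", r"C:\Vendor\svc.exe", "write"),  # the misconfigured ACL
    ("acl", "Guests", r"C:\Vendor\svc.exe", "read"),
}
# Horn clauses (assumed model): membership is transitive, ACL grants flow through
# groups, and a principal who can rewrite a service's binary acts as its account.
RULES = [
    (("acts_as", "?P", "?G"), (("member", "?P", "?G"),)),
    (("acts_as", "?P", "?H"), (("acts_as", "?P", "?G"), ("member", "?G", "?H"))),
    (("can_write", "?P", "?F"), (("acts_as", "?P", "?G"), ("acl", "?G", "?F", "write"))),
    (("acts_as", "?P", "?Q"),
     (("can_write", "?P", "?F"), ("binary", "?S", "?F"), ("runs_as", "?S", "?Q"))),
]

def escalations(facts=FACTS, rules=RULES, target="SYSTEM"):
    # Non-group principals derived to act as `target`: each is a misconfiguration finding.
    derived = fixpoint(facts, rules)
    groups = {f[2] for f in derived if f[0] == "member"}
    return sorted(f[1] for f in derived
                  if f[0] == "acts_as" and f[2] == target and f[1] not in groups)
```

Removing the write ACL from the constructed facts makes the finding disappear, which is the check an administrator would run after fixing the permission.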