The whole point of driver is signing is the trust of scenario #2. The
inf, cat and sys file are all signed.
As for scenario one, the setup class guid itself just indicates the type
of device being installed, not necessarily (the class guid does define
class upper filters which come into play) the drivers being installed
for the device. The class drivers usually associated with the class
guid can be trusted to a degree, but since the class drivers were
probably never tested with the device which is unsigned, there is no
guarantee of compatibility and full function until after it has gone
through WHQL testing.
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Marco Peretti
Sent: Monday, November 22, 2004 12:11 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] how to get a notification when a user plugs in a new
device?
Doron,
re-reading my question I have realized that I was not that clear – let
me
address both of your comments and hopefully it will all become clear.
>I am not sure what you are asking. If the driver is signed, there is
no
issue here b/c the driver installs w/out any user intervension. <<
I was referring to the vendor-supplied CD for the product setup. You are
correct for what concerns the signed drivers but many PnP devices,
whether
signed or not, come with a CD that contains an installation program for
their applications.
>Ah, but they are. The providing the vendor CD part is where you get
the
elevation of privilege. Since you can’t control what is being
installed, you can’t know what the installation / vendor CD is doing.<<
That is the tricky part: one could indeed fiddle with the vendor CD and
cheat rundll32.exe into starting another setup.exe. That is why, a few
posts
ago, I asked how safe would it be to rely on that information for signed
drivers.
By safe I meant:
- how safe is to use the “setup class guid” -> relationship to device
and
- how safe would it be to rely on the cat file for signed drivers
And I think that I can answer #2 myself: not safe at all unless that cat
file contains the md5/sha-1 of the setup.exe to be run. One may verify
the
integrity of the inf file by means of the cat file and , I think, the
relationship of the .cat file to driver binary but there is nothing
about
the setup.exe.
One could take a vendor CD and make up his own with the original
cat/inf/sys
but hos own application named setup.exe … correct?
Marco
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com