how to prevent the user into the safemode of the system?

hello,
i want to do something to prevent going into the safemode of the
system,what can i do?
best regards
ding hao


Ãâ·ÑÏÂÔØ MSN Explorer: http://explorer.msn.com/lccn/

So you want to stop a user from being able to boot a system in a known state
to recover the world. The only purpose of something like this is a virus.
I don’t believe anyone here will help you corrupt a system that way.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“shark marian” wrote in message
news:xxxxx@ntdev…
> hello,
> i want to do something to prevent going into the safemode of the
> system,what can i do?
> best regards
> ding hao
>
> _________________________________________________________________
> Ãâ·ÑÏÂÔØ MSN Explorer: http://explorer.msn.com/lccn/
>

I would like to quote the below author: “Please let me know which produ=
ct
this is in, so that I can make sure that I NEVER install it on my
machine”.

Preventing safe-mode boot is not a nice thing to do, and it’s something=

that I would REQUIRE to be kept unchanged in any computer that I ever w=
ork
with, simply because it’s a VERY useful way to un-install an errant dri=
ver
or some other system component that is causing a problem…

I too fail to see any USEFUL purpose in preventing Safe-mode.

Considering that the OP also asked for help on a known “Rootkit” driver=
, I
would suspect that the OP isn’t interested in anything that will benefi=
t
the public…


Mats

So you want to stop a user from being able to boot a system in a know=
n
state
to recover the world. The only purpose of something like this is a
virus.
I don’t believe anyone here will help you corrupt a system that way.


Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply

“shark marian” wrote in message
> news:xxxxx@ntdev…
> > hello,
> > i want to do something to prevent going into the safemode of the=

> > system,what can i do?
> > best regards
> > ding hao
> >
> > _________________________________________________________________
> > =C3=E2=B7=D1=CF=C2=D4=D8 MSN Explorer: http://explorer.msn.com/lc=
cn/
> >=

Some processes or BHO hi jacks the system and can only be removed in
safe mode… so someone who make such programs needs to prevent safe mode.
duh

Daher

Mats PETERSSON wrote:

I would like to quote the below author: “Please let me know which product
this is in, so that I can make sure that I NEVER install it on my
machine”.

Preventing safe-mode boot is not a nice thing to do, and it’s something
that I would REQUIRE to be kept unchanged in any computer that I ever work
with, simply because it’s a VERY useful way to un-install an errant driver
or some other system component that is causing a problem…

I too fail to see any USEFUL purpose in preventing Safe-mode.

Considering that the OP also asked for help on a known “Rootkit” driver, I
would suspect that the OP isn’t interested in anything that will benefit
the public…


Mats

>So you want to stop a user from being able to boot a system in a known
>
>
state

>to recover the world. The only purpose of something like this is a
>
>
virus.

>I don’t believe anyone here will help you corrupt a system that way.
>
>
>
>–
>Don Burn (MVP, Windows DDK)
>Windows 2k/XP/2k3 Filesystem and Driver Consulting
>Remove StopSpam from the email to reply
>
>
>
>“shark marian” wrote in message
>>news:xxxxx@ntdev…
>>
>>
>>>hello,
>>> i want to do something to prevent going into the safemode of the
>>>system,what can i do?
>>> best regards
>>> ding hao
>>>
>>> _________________________________________________________________
>>>Ãâ·ÑÏÂÔØ MSN Explorer: http://explorer.msn.com/lccn/
>>>
>>>
>>>
>
>
>—
>Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: unknown lmsubst tag argument: ‘’
>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
>

Or, is it some access-control software (“security enhancement” ]:-> )that
goes out of the way when the user boots up safe-mode ?

Are ACLs not enough ?

(Internet Cafe/Customized system) ==> maybe try XP embedded.

Norbert.

“I’d like to become an optimist, but I’d doubt it would work out.”
---- snip ----

Daher wrote:

Some processes or BHO hi jacks the system and can only be removed in
safe mode… so someone who make such programs needs to prevent safe
mode.
duh

“Duh”? Are you suggesting that you’re the only one here who knew this?
You need to read the message thread a little more carefully. We all
know exactly what kind of programmer “needs” to prevent safe mode, and
none of us LEGITIMATE programmers wants any of them on this planet any more.

The hours and dollars I’ve wasted cleaning up the result of scum like
that. Makes me sick. Duh, indeed.

Mats PETERSSON wrote:

>
>
> I would like to quote the below author: “Please let me know which
> product
> this is in, so that I can make sure that I NEVER install it on my
> machine”.
>
> Preventing safe-mode boot is not a nice thing to do, and it’s something
> that I would REQUIRE to be kept unchanged in any computer that I ever
> work
> with, simply because it’s a VERY useful way to un-install an errant
> driver
> or some other system component that is causing a problem…
>
> I too fail to see any USEFUL purpose in preventing Safe-mode.
>
> Considering that the OP also asked for help on a known “Rootkit”
> driver, I
> would suspect that the OP isn’t interested in anything that will benefit
> the public…
>
> –
> Mats
>
>
>
>> So you want to stop a user from being able to boot a system in a known
>>
>
> state
>
>
>> to recover the world. The only purpose of something like this is a
>>
>
> virus.
>
>
>> I don’t believe anyone here will help you corrupt a system that way.
>>
>>
>>
>>
>> “shark marian” wrote in message
>>> news:xxxxx@ntdev…
>>>
>>>
>>>> hello,
>>>> i want to do something to prevent going into the safemode of the
>>>> system,what can i do?
>>>> best regards
>>>> ding hao
>>>>
>>>> _________________________________________________________________
>>>> Ãâ·ÑÏÂÔØ MSN Explorer: http://explorer.msn.com/lccn/
>>>

To be fair, I looked back at the archives, and most of the questions
this guy has asked seem to lean more towards locking down a system so
that the user can’t perform unauthorized activities.

Personally, I’m not certain that’s a good thing to promote either, but…

One thing you can do in safe mode that nullifies any protections someone
might want to put in place is to overwrite system files that would
normally be protected by SFP.

If you’re in an environment where if a system goes corrupt it’s
preferable to reformat the hard drive rather than risk allowing the
corruption, then I could see this as one legitimate reason why you might
think you want to prevent booting to safe mode. It might not be the best
way to go about it, but it’s at least a reason.

OP: if you want help with this, please tell us exactly *why* you want to
be able to do this. It’s very hard to imagine that preventing safe mode
is actually the *best* solution to whatever problem you’re trying to
solve. Without knowing what problem you’re trying to solve, we can’t
help you find the best solution.

For example: If you want to prevent a user from booting without your
security driver, it would be *much* better to add your device to the
critical device database so that your driver would be loaded even in
safe mode.

Don Burn wrote:

So you want to stop a user from being able to boot a system in a known state
to recover the world. The only purpose of something like this is a virus.
I don’t believe anyone here will help you corrupt a system that way.


…/ray..

Please remove “.spamblock” from my email address if you need to contact
me outside the newsgroup.

Nothing. Even if you will block this - the user will boot from Windows CD
and press “R”.

Writing a virus, yes? :slight_smile:

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “shark marian”
To: “Windows System Software Devs Interest List”
Sent: Tuesday, April 19, 2005 3:05 PM
Subject: [ntdev] how to prevent the user into the safemode of the system?

> hello,
> i want to do something to prevent going into the safemode of the
> system,what can i do?
> best regards
> ding hao
>
> _________________________________________________________________
> Ãâ·ÑÏÂÔØ MSN Explorer: http://explorer.msn.com/lccn/
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com

I had a similar problem when I wrote a GINA replacement.
When the user boots in safe mode MS GINA is loaded, not the other custom
GINAs and the security was not there anymore so we had to replace the
real password with a random,encrypted bla bla password and let the user
know that he still has his own password but in fact it wasn’t. So, this
could be an explanation but I don??t think he wants that :<.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of shark marian
Sent: Tuesday, April 19, 2005 2:06 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] how to prevent the user into the safemode of the
system?

hello,
i want to do something to prevent going into the safemode of the
system,what can i do?
best regards
ding hao


??? MSN Explorer: http://explorer.msn.com/lccn/


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as: xxxxx@trustnet.ro
To unsubscribe send a blank email to xxxxx@lists.osr.com