Hello All ,
I am developing one wrapper around MSGINA for windows NT ,but I am unable
to get the UserName and Password after User enter’s it while login. Can
anybody tell me in which callback I should get it ??
I tried in WlxLoggedOutSAS and WlxActivateUserShell…
How can I get it ???
I dont know exactly where u will get UserName and Password… but u can put
one messagebox for each callback functions to identify.
regards,
Satish K.S
----- Original Message -----
From: “Krishna”
To: “NT Developers Interest List”
Sent: Thursday, April 18, 2002 3:55 PM
Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
GINA system.
> Hello All ,
>
> I am developing one wrapper around MSGINA for windows NT ,but I am unable
> to get the UserName and Password after User enter’s it while login. Can
> anybody tell me in which callback I should get it ??
> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>
> How can I get it ???
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
>
Hi,
You should use a global UserDataContext and fill it in with credentials info (username, password, domain) during WlxLoggedOutSAS when you can hook the user entries and you can use this UserDataContext later when you need to get the credentials.
Stefan
-----Original Message-----
From: Krishna [mailto:xxxxx@rediffmail.com]
Sent: Thursday, April 18, 2002 12:25 PM
To: NT Developers Interest List
Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
GINA system.
Hello All ,
I am developing one wrapper around MSGINA for windows NT ,but I am unable
to get the UserName and Password after User enter’s it while login. Can
anybody tell me in which callback I should get it ??
I tried in WlxLoggedOutSAS and WlxActivateUserShell…
How can I get it ???
You are currently subscribed to ntdev as: sboboc@ps.ro
To unsubscribe send a blank email to %%email.unsub%%
I really hope like hell you can’t do it! That would violate any number of
proper security procedures and safeguards.
Greg
----- Original Message -----
From: “Krishna”
To: “NT Developers Interest List”
Sent: Thursday, April 18, 2002 3:55 PM
Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
GINA system.
> Hello All ,
>
> I am developing one wrapper around MSGINA for windows NT ,but I am unable
> to get the UserName and Password after User enter’s it while login. Can
> anybody tell me in which callback I should get it ??
> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>
> How can I get it ???
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
>
—
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to %%email.unsub%%
If you replace GINA who can stop you from doing this?
Stefan
-----Original Message-----
From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
Sent: Thursday, April 18, 2002 3:58 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.
I really hope like hell you can’t do it! That would violate any number of
proper security procedures and safeguards.
Greg
----- Original Message -----
From: “Krishna”
To: “NT Developers Interest List”
Sent: Thursday, April 18, 2002 3:55 PM
Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
GINA system.
> Hello All ,
>
> I am developing one wrapper around MSGINA for windows NT ,but I am unable
> to get the UserName and Password after User enter’s it while login. Can
> anybody tell me in which callback I should get it ??
> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>
> How can I get it ???
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
>
—
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: sboboc@ps.ro
To unsubscribe send a blank email to %%email.unsub%%
I read the original posting as a wrapper around GINA, not a replacement for
it. If I misread, then I apologize and see no concerns. If I read it
correctly, then I have a big concern if it is possible.
Greg
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Stefan Boboc
Sent: Thursday, April 18, 2002 10:07 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.
If you replace GINA who can stop you from doing this?
Stefan
-----Original Message-----
From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
Sent: Thursday, April 18, 2002 3:58 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.
I really hope like hell you can’t do it! That would violate any number of
proper security procedures and safeguards.
Greg
----- Original Message -----
From: “Krishna”
To: “NT Developers Interest List”
Sent: Thursday, April 18, 2002 3:55 PM
Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
GINA system.
> Hello All ,
>
> I am developing one wrapper around MSGINA for windows NT ,but I am unable
> to get the UserName and Password after User enter’s it while login. Can
> anybody tell me in which callback I should get it ??
> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>
> How can I get it ???
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
>
—
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: sboboc@ps.ro
To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to %%email.unsub%%
Yes you are right! It as a wrapper aroundGINA not a replacement!
Stefan
-----Original Message-----
From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
Sent: Thursday, April 18, 2002 4:18 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.
I read the original posting as a wrapper around GINA, not a replacement for
it. If I misread, then I apologize and see no concerns. If I read it
correctly, then I have a big concern if it is possible.
Greg
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Stefan Boboc
Sent: Thursday, April 18, 2002 10:07 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.
If you replace GINA who can stop you from doing this?
Stefan
-----Original Message-----
From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
Sent: Thursday, April 18, 2002 3:58 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.
I really hope like hell you can’t do it! That would violate any number of
proper security procedures and safeguards.
Greg
----- Original Message -----
From: “Krishna”
To: “NT Developers Interest List”
Sent: Thursday, April 18, 2002 3:55 PM
Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
GINA system.
> Hello All ,
>
> I am developing one wrapper around MSGINA for windows NT ,but I am unable
> to get the UserName and Password after User enter’s it while login. Can
> anybody tell me in which callback I should get it ??
> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>
> How can I get it ???
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
>
—
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: sboboc@ps.ro
To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: xxxxx@pdq.net
To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: sboboc@ps.ro
To unsubscribe send a blank email to %%email.unsub%%
This is not really a security issue.
In order to install such a “wrapper” for GINA in the first place, you’d have to have “administrator” privilege.
The only way to get Administrator privilege is to login first, before the wrapper is installed.
You, as Administrator have to decide whether you trust this Wrapper before you install it – the same kind of decision you make when
you install and use the “original” MS supplied GINA which just happens to be installed as part of OS installation.
So if you don’t trust the wrapper, you don’t install it.
This is the reason, BTW, that you shouldn’t be logging into your system on a daily basis as administrator. Administrator has the
privilege to install any component into the Trusted Computing Base, and if you’re casual about installation, you just might
accidentally install a Trojan that compromises your system. We as developers tend to be a bit lax about security because we
typically need very high privilege levels in order to get our jobs done. Rather than investigating and enabling just the privileges
we need to do debugging, we just login as Admin and be done with it. I’m guilty of it. I’m sure others are as well.
ERX
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Gregory G. Dyess
Sent: Thursday, April 18, 2002 10:18 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.I read the original posting as a wrapper around GINA, not a
replacement for
it. If I misread, then I apologize and see no concerns. If I read it
correctly, then I have a big concern if it is possible.Greg
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Stefan Boboc
Sent: Thursday, April 18, 2002 10:07 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.If you replace GINA who can stop you from doing this?
Stefan-----Original Message-----
From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
Sent: Thursday, April 18, 2002 3:58 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.I really hope like hell you can’t do it! That would violate
any number of
proper security procedures and safeguards.Greg
----- Original Message -----
From: “Krishna”
>To: “NT Developers Interest List”
>Sent: Thursday, April 18, 2002 3:55 PM
>Subject: [ntdev] I want to retrieve Username ,Password ,Domain
>text from
>GINA system.
>
>
>> Hello All ,
>>
>> I am developing one wrapper around MSGINA for windows NT
>,but I am unable
>> to get the UserName and Password after User enter’s it while
>login. Can
>> anybody tell me in which callback I should get it ??
>> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>>
>> How can I get it ???
>>
>> —
>> You are currently subscribed to ntdev as: xxxxx@aalayance.com
>> To unsubscribe send a blank email to %%email.unsub%%
>>
>
>
>—
>You are currently subscribed to ntdev as: xxxxx@pdq.net
>To unsubscribe send a blank email to %%email.unsub%%
>
>
>—
>You are currently subscribed to ntdev as: sboboc@ps.ro
>To unsubscribe send a blank email to %%email.unsub%%
>
>—
>You are currently subscribed to ntdev as: xxxxx@pdq.net
>To unsubscribe send a blank email to %%email.unsub%%
>
>
>—
>You are currently subscribed to ntdev as: xxxxx@spinnakernet.com
>To unsubscribe send a blank email to %%email.unsub%%
The original concern was whether or not there was a way to trap plaintext
passwords using the MS-supplied GINA.
The issue is that, even as an Administor, for the most part I can’t touch
your stuff without leaving a little trail of droppings in the system. A
forensic analyst could look at this trail and would know that some evil soul
in the Administrator group had been fooling around.
If, on the other hand, I can use my privileges to capture your actual
plaintext password, then I can log in AS YOU and get away with doing
anything I want. As far as the operating system is concerned, you did the
damage yourself.
It’s likely that installing a home-grown replacement GINA would leave its
own trail of droppings, so things are probably safe on that front. But if
the MS-supplied GINA has a convenient, built-in method for catching
plaintext passwords, then evil administrators become much harder to track
down. That would definitely be a cause for concern.
-Art Baker
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Eric Lee Steadle
Sent: Thursday, April 18, 2002 11:00 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.This is not really a security issue.
In order to install such a “wrapper” for GINA in the first place,
you’d have to have “administrator” privilege.
The only way to get Administrator privilege is to login first,
before the wrapper is installed.
You, as Administrator have to decide whether you trust this
Wrapper before you install it – the same kind of decision you make when
you install and use the “original” MS supplied GINA which just
happens to be installed as part of OS installation.So if you don’t trust the wrapper, you don’t install it.
This is the reason, BTW, that you shouldn’t be logging into your
system on a daily basis as administrator. Administrator has the
privilege to install any component into the Trusted Computing
Base, and if you’re casual about installation, you just might
accidentally install a Trojan that compromises your system. We as
developers tend to be a bit lax about security because we
typically need very high privilege levels in order to get our
jobs done. Rather than investigating and enabling just the privileges
we need to do debugging, we just login as Admin and be done with
it. I’m guilty of it. I’m sure others are as well.ERX
>-----Original Message-----
>From: xxxxx@lists.osr.com
>[mailto:xxxxx@lists.osr.com]On Behalf Of Gregory G. Dyess
>Sent: Thursday, April 18, 2002 10:18 AM
>To: NT Developers Interest List
>Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
>from GINA system.
>
>
>I read the original posting as a wrapper around GINA, not a
>replacement for
>it. If I misread, then I apologize and see no concerns. If I read it
>correctly, then I have a big concern if it is possible.
>
>Greg
>
>-----Original Message-----
>From: xxxxx@lists.osr.com
>[mailto:xxxxx@lists.osr.com]On Behalf Of Stefan Boboc
>Sent: Thursday, April 18, 2002 10:07 AM
>To: NT Developers Interest List
>Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
>from GINA system.
>
>
>If you replace GINA who can stop you from doing this?
>Stefan
>
>-----Original Message-----
>From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
>Sent: Thursday, April 18, 2002 3:58 PM
>To: NT Developers Interest List
>Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
>from GINA system.
>
>
>I really hope like hell you can’t do it! That would violate
>any number of
>proper security procedures and safeguards.
>
>Greg
>
>----- Original Message -----
>From: “Krishna”
> >To: “NT Developers Interest List”
> >Sent: Thursday, April 18, 2002 3:55 PM
> >Subject: [ntdev] I want to retrieve Username ,Password ,Domain
> >text from
> >GINA system.
> >
> >
> >> Hello All ,
> >>
> >> I am developing one wrapper around MSGINA for windows NT
> >,but I am unable
> >> to get the UserName and Password after User enter’s it while
> >login. Can
> >> anybody tell me in which callback I should get it ??
> >> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
> >>
> >> How can I get it ???
> >>
> >> —
> >> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> >> To unsubscribe send a blank email to %%email.unsub%%
> >>
> >
> >
> >—
> >You are currently subscribed to ntdev as: xxxxx@pdq.net
> >To unsubscribe send a blank email to %%email.unsub%%
> >
> >
> >—
> >You are currently subscribed to ntdev as: sboboc@ps.ro
> >To unsubscribe send a blank email to %%email.unsub%%
> >
> >—
> >You are currently subscribed to ntdev as: xxxxx@pdq.net
> >To unsubscribe send a blank email to %%email.unsub%%
> >
> >
> >—
> >You are currently subscribed to ntdev as: xxxxx@spinnakernet.com
> >To unsubscribe send a blank email to %%email.unsub%%
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@nfr.com
> To unsubscribe send a blank email to %%email.unsub%%
Yes, I fully agree with you. But I think that one privilege is enough to
do anything with your OS. If you guess SeLoadDriverPrivilege, you’re right
;-)).
And the driver development cannot be done without this privilege, thus
when you’re developing drivers, you’re always risking a bit ;-))).
Paul
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Eric Lee Steadle
Sent: Thursday, April 18, 2002 5:00 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text from
GINA system.
This is not really a security issue.
In order to install such a “wrapper” for GINA in the first place, you’d have
to have “administrator” privilege.
The only way to get Administrator privilege is to login first, before the
wrapper is installed.
You, as Administrator have to decide whether you trust this Wrapper before
you install it – the same kind of decision you make when
you install and use the “original” MS supplied GINA which just happens to be
installed as part of OS installation.
So if you don’t trust the wrapper, you don’t install it.
This is the reason, BTW, that you shouldn’t be logging into your system on a
daily basis as administrator. Administrator has the
privilege to install any component into the Trusted Computing Base, and if
you’re casual about installation, you just might
accidentally install a Trojan that compromises your system. We as developers
tend to be a bit lax about security because we
typically need very high privilege levels in order to get our jobs done.
Rather than investigating and enabling just the privileges
we need to do debugging, we just login as Admin and be done with it. I’m
guilty of it. I’m sure others are as well.
ERX
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Gregory G. Dyess
Sent: Thursday, April 18, 2002 10:18 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.I read the original posting as a wrapper around GINA, not a
replacement for
it. If I misread, then I apologize and see no concerns. If I read it
correctly, then I have a big concern if it is possible.Greg
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Stefan Boboc
Sent: Thursday, April 18, 2002 10:07 AM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.If you replace GINA who can stop you from doing this?
Stefan-----Original Message-----
From: Gregory G. Dyess [mailto:xxxxx@pdq.net]
Sent: Thursday, April 18, 2002 3:58 PM
To: NT Developers Interest List
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain text
from GINA system.I really hope like hell you can’t do it! That would violate
any number of
proper security procedures and safeguards.Greg
----- Original Message -----
From: “Krishna”
>To: “NT Developers Interest List”
>Sent: Thursday, April 18, 2002 3:55 PM
>Subject: [ntdev] I want to retrieve Username ,Password ,Domain
>text from
>GINA system.
>
>
>> Hello All ,
>>
>> I am developing one wrapper around MSGINA for windows NT
>,but I am unable
>> to get the UserName and Password after User enter’s it while
>login. Can
>> anybody tell me in which callback I should get it ??
>> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>>
>> How can I get it ???
>>
>> —
>> You are currently subscribed to ntdev as: xxxxx@aalayance.com
>> To unsubscribe send a blank email to %%email.unsub%%
>>
>
>
>—
>You are currently subscribed to ntdev as: xxxxx@pdq.net
>To unsubscribe send a blank email to %%email.unsub%%
>
>
>—
>You are currently subscribed to ntdev as: sboboc@ps.ro
>To unsubscribe send a blank email to %%email.unsub%%
>
>—
>You are currently subscribed to ntdev as: xxxxx@pdq.net
>To unsubscribe send a blank email to %%email.unsub%%
>
>
>—
>You are currently subscribed to ntdev as: xxxxx@spinnakernet.com
>To unsubscribe send a blank email to %%email.unsub%%
—
You are currently subscribed to ntdev as: xxxxx@compelson.com
To unsubscribe send a blank email to %%email.unsub%%
“Art Baker” wrote in message news:xxxxx@ntdev…
>
> If, on the other hand, I can use my privileges to capture your actual
> plaintext password, then I can log in AS YOU and get away with doing
> anything I want. As far as the operating system is concerned, you did the
> damage yourself.
>
This is an entirely specious argument. If your an admin, you can load a
driver. If you can load a driver, that driver can run in the context of any
user application. If the driver can run in the context of any user
application, it can capture that user’s security credentials and impersonate
the user at will.
It is not the goal of genearl purpose security systems, such as that on NT,
to protect the system against administrators. The fact that an admin can’t
get your password is a “feature”, but it’s not some sacred security concept.
It probably has as much to do with the fact that a 1-way hash is used to
store the password more than anything else.
Peter
OSR
Hello, Gregory G. Dyess!
I have done it last year just as what stefan said, and I don’t think it’s a security problem. *Administrator privilege is needed.*
======= 2002-04-18 You write??=======
I really hope like hell you can’t do it! That would violate any number of
proper security procedures and safeguards.Greg
----- Original Message -----
From: “Krishna”
>To: “NT Developers Interest List”
>Sent: Thursday, April 18, 2002 3:55 PM
>Subject: [ntdev] I want to retrieve Username ,Password ,Domain text from
>GINA system.
>
>
>> Hello All ,
>>
>> I am developing one wrapper around MSGINA for windows NT ,but I am unable
>> to get the UserName and Password after User enter’s it while login. Can
>> anybody tell me in which callback I should get it ??
>> I tried in WlxLoggedOutSAS and WlxActivateUserShell…
>>
>> How can I get it ???
>>
>> —
>> You are currently subscribed to ntdev as: xxxxx@aalayance.com
>> To unsubscribe send a blank email to %email.unsub%
>>
>
>
>—
>You are currently subscribed to ntdev as: xxxxx@pdq.net
>To unsubscribe send a blank email to %email.unsub%
>
>
>—
>You are currently subscribed to ntdev as: xxxxx@sina.com
>To unsubscribe send a blank email to %%email.unsub%%
= = = = = = = = = = = = = = = = = = = =
Best regards.
Star
xxxxx@sina.com
1999-01-07
Hello All,
Actually When I am replacing complete GINA with my own functionality then
I can retrieve it (in plain text ) but I am not getting same thing when I
am wrapping around MSGINA. Do anybody has any idea.
Also I want to know one more thing that if I want to provide my own
authentication on NT means I want to authenticate it using fingure print
,how can I do it ?? Do NT has provision for that ?? or I need to do it
myself.
> Also I want to know one more thing that if I want to provide my own
authentication on NT means I want to authenticate it using fingure print
,how can I do it ?? Do NT has provision for that ??
Yes, GINA + custom auth package.
Max
Hello All ,
I found many peoples discussing about security voilation because of GINA
replacement.
How this is voilation ?? if it is then I think a programmer can replace
almost each part of Windows. right ?? then you see it’s worst case
voilation.I think this security issues are only for end user. A programmer
do not have this limitation at any time. And no OS can resist a programmer
from doing such things ,On any platform if I can replace some part of OS
then who can resist me from getting the user privacy.
And if somebody want wants to protect his OS from such programmers ,he
need to keep OS in ROM or some Read Only Hardware … and it’s not
affordable ,and updateble…
Long live the programmers…
In Theory it is possible, but in practical it is impossible to replace any
part of the OS, try replacing HAL if u get success, then everything is
possible :-p
----- Original Message -----
From: “Krishna Pawar”
To: “NT Developers Interest List”
Sent: Monday, April 22, 2002 10:51 AM
Subject: [ntdev] RE:I want to retrieve Username ,Password ,Domain text from
GINA system.
> Hello All ,
> I found many peoples discussing about security voilation because of GINA
> replacement.
> How this is voilation ?? if it is then I think a programmer can replace
> almost each part of Windows. right ?? then you see it’s worst case
> voilation.I think this security issues are only for end user. A programmer
> do not have this limitation at any time. And no OS can resist a programmer
> from doing such things ,On any platform if I can replace some part of OS
> then who can resist me from getting the user privacy.
> And if somebody want wants to protect his OS from such programmers ,he
> need to keep OS in ROM or some Read Only Hardware … and it’s not
> affordable ,and updateble…
>
> Long live the programmers…
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
MR. Int is this theory only that the peoples at Microsoft has developed
many versions of HAL.Anyone who is thorough with hardware development can
do it right ?? I dont mean replacement of OS part by somebody perticular
,but overall programmers.
Do you think it’s impossible ??
MS guys can replace any thing coz they have source code and complete
documentation+core developers. But third party vendores i refferd. Can they
develop and replace for example “NT Executive” part ? No. He might write his
own OS… replaceing some OS any component is not possible.
Regards,
Satish K.S
----- Original Message -----
From: “Krishna Pawar”
To: “NT Developers Interest List”
Sent: Monday, April 22, 2002 4:10 PM
Subject: [ntdev] RE:I want to retrieve Username ,Password ,Domain text from
GINA system.
> MR. Int is this theory only that the peoples at Microsoft has developed
> many versions of HAL.Anyone who is thorough with hardware development can
> do it right ?? I dont mean replacement of OS part by somebody perticular
> ,but overall programmers.
> Do you think it’s impossible ??
>
> —
> You are currently subscribed to ntdev as: xxxxx@aalayance.com
> To unsubscribe send a blank email to %%email.unsub%%
>
But still I think it’s not immpossible…practically.
we too can wrap and add our own things , in damm hard situation where
nothing is documented.
Some third party vendors provides custom HAL to make Win 2k and Win NT
real time.they makes OS as user service with their HAL.
Even Win32/Posix/OS2 subsystems are replaceble (documented).
I agree that some undocumented part is hard to replace for the peoples
like us ,but not impossible.
> But still I think it’s not immpossible…practically.
we too can wrap and add our own things , in damm hard situation where
nothing is documented.
Your thinking is good, you say “Nothing is impossible” ( These are all book
fundas, it no use in practical situation ) 
Some third party vendors provides custom HAL to make Win 2k and Win NT
real time.they makes OS as user service with their HAL.
I will not recomand to buy a 3rd party HAL for WinNT
Even Win32/Posix/OS2 subsystems are replaceble (documented).
These all are User Mode programms and it is no use for this discussion.
I agree that some undocumented part is hard to replace for the peoples
like us ,but not impossible.
While talking something we need to think “Is this possible from me” or else
we cannot generally say “not impossible” ( This makes sense for those who
develop NT ) not for the rest. If i develop something, it is possible to
change something from “me” not from others. offcourse in open source it is
possible to play around, right now as know NT is close source.
regards,
Satish K.S