Kernel objects

greetings everyone,

I wanted to know how we can securely create and use kernel objects in a
driver. any goos paper on this, or even pointers on this would be helpful.
I have heard of ACLS, but I want to know how to use them effectively. And if
there are any other methods for doing this.

thanks

bedanto

Can you shed a bit more light on the scenario in question?

  • S

From: Bedanto
Sent: Tuesday, July 28, 2009 11:59
To: Windows System Software Devs Interest List
Subject: [ntdev] Kernel objects

greetings everyone,

I wanted to know how we can securely create and use kernel objects in a driver. any goos paper on this, or even pointers on this would be helpful.
I have heard of ACLS, but I want to know how to use them effectively. And if there are any other methods for doing this.

thanks

bedanto
— NTDEV is sponsored by OSR For our schedule of WDF, WDM, debugging and other seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

IoCreateDevice, IoCreateNotificationEvent, IoCreateFile and so on.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

“Bedanto” wrote in message news:xxxxx@ntdev…
greetings everyone,

I wanted to know how we can securely create and use kernel objects in a driver. any goos paper on this, or even pointers on this would be helpful.
I have heard of ACLS, but I want to know how to use them effectively. And if there are any other methods for doing this.

thanks

bedanto

In general ACLs are for filesystems only. Their use for device objects
is documented in the WDK. Google, for example, SDDL for device
objects: http://msdn.microsoft.com/en-us/library/ms794693.aspx

Mark Roddy

On Tue, Jul 28, 2009 at 2:58 PM, Bedanto wrote:
> greetings everyone,
>
> I wanted to know how we can securely create and use kernel objects in a
> driver. any goos paper on this, or even pointers on this would be helpful.
> I have heard of ACLS, but I want to know how to use them effectively. And if
> there are any other methods for doing this.
>
>
> thanks
>
> bedanto
> — NTDEV is sponsored by OSR For our schedule of WDF, WDM, debugging and
> other seminars visit: http://www.osr.com/seminars To unsubscribe, visit the
> List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer

For documents, I suggest running a search of the OSR website with “security” as the search word. The 57 documents my search turned up should at least get you started…

than you alll for the valuable pointers. i shall read up on them and then
proceed with further questions.

i am, however, intrested in all obj manager object security, not merely file
systems.

skywing, to ans ur questoin, when we create an object, another kernel module
can open it if the name is known. So I wanted to experiment if there are
ways of opening/maintaining objects more sequrely, where other modules have
difficulty accessing them, either by intention or accident,

regards

B

On Wed, Jul 29, 2009 at 2:53 AM, wrote:

> For documents, I suggest running a search of the OSR website with
> “security” as the search word. The 57 documents my search turned up should
> at least get you started…
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

? i am, however, intrested in all obj manager object security, not merely file systems.

Windows Internals book (http://technet.microsoft.com/en-us/sysinternals/bb963901.aspx) would be a great resource for this info (and more :)).

Praveen

From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Bedanto
Sent: Tuesday, July 28, 2009 8:27 PM
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Kernel objects

than you alll for the valuable pointers. i shall read up on them and then proceed with further questions.

i am, however, intrested in all obj manager object security, not merely file systems.

skywing, to ans ur questoin, when we create an object, another kernel module can open it if the name is known. So I wanted to experiment if there are ways of opening/maintaining objects more sequrely, where other modules have difficulty accessing them, either by intention or accident,

regards

B
On Wed, Jul 29, 2009 at 2:53 AM, > wrote:
For documents, I suggest running a search of the OSR website with “security” as the search word. The 57 documents my search turned up should at least get you started…


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

— NTDEV is sponsored by OSR For our schedule of WDF, WDM, debugging and other seminars visit: http://www.osr.com/seminars To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer