The wonderful thing about terms like “a lot” is that it is so
delightfully imprecise. Some people might consider 2 dozen applications
to be unacceptable (and if you run one or more of those applications and
it stops working then it IS unacceptable) but others will think those
applications “got what they had coming”.
Did you notice that many of them failed because they had stack-executing
code?
That IS a cost of increasing security. There are legitimate
applications that use techniques now considered to be highly suspect.
*I* consider eliminating stack execution to be worth the cost of
breaking applications, even those that I use. Other people might not
agree with that assessment. Bottom line? The decision belongs to
Microsoft - it is their operating system. We can argue the merits of
their decision, but we can’t do anything to undo it.
In 64-bit Windows XP and Server 2003, it is no longer possible to hook
system calls. I consider this to be a Good Thing. The last time I had
to use this technique in a real product was NT 3.51. Today, there’s a
different mechanism to achieve the same thing, so I wouldn’t do it. But
it WILL break applications. Again, I consider the “loss” of the ability
to hook system calls no loss at all. Applications that break because of
it were defective in the first place.
Harsh? Probably, but such is the cost of security - as you no doubt
know given the previous postings you’ve made in this thread.
Regards,
Tony
Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eugene Lomovsky
Sent: Thursday, August 04, 2005 8:08 AM
To: ntfsd redirect
Subject: Re:[ntfsd] Problem with NtSuspendThread.
Greetings, Maxim!
You wrote on Wed, 3 Aug 2005 17:28:39 +04
> enough, but what for you post it in every msg?). After installing
SP2
>> on XP a
MSS> lot of
>> applications screwed up and what?
MSS> Not “a lot”. A minor number.
http://support.microsoft.com/default.aspx?scid=kb;en-us;884130
Eugene.
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17
You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to xxxxx@lists.osr.com