I think you didn’t get me correctly. My intention is not to beat the
security of Windows NT. I don’t want to show a fake dialog box during a
CTRL+ALT+DEL key combination. Instead when my application is running, for
some action by the user I need to pass control onto the “Windows NT
Security” dialog box which pops up when you press the CTRL+ALT+DEL key
combination. I think I made myself clear.
Thanks,
Sajeev.
-----Original Message-----
From: UNNI SANKAR [mailto:xxxxx@nestec.net]
Sent: Thursday, September 21, 2000 2:34 PM
To: NT Developers Interest List
Subject: [ntdev] RE: How to Simulate CTRL+ALT+DEL dialog box from a Ap
plication
The Ctrl+Alt+Delete logon-attention sequence IS an integral part of the NT
security model. Windows NT, apart from earning the C2 security ratings (NT
Ver 3.5 SP 3), also claims to meet two requirements of the higher B-level
security, one of which is the ‘Trusted path functionality’. This is nothing
but a method to prevent Trojan horse programs from being able to intercept
users’ names and passwords as they try to log on. Windows NT achieves this
using the Ctrl+Alt+Delete logon-attention sequence, also known as the secure
attention sequence (SAS). A Trojan horse presenting a fake logon dialog box
will be bypassed when the SAS is entered. So it must be pretty impossible
for any application to simulate CTRL+ALT+DEL dialog box.
Regards,
Unni Sankar
Sr. Software Engr, NeST
www.nesttech.com
-----Original Message-----
From: Chris Telting [mailto:xxxxx@mindspring.com]
Sent: Thursday, September 21, 2000 1:56 PM
To: NT Developers Interest List
Subject: [ntdev] RE: How to Simulate CTRL+ALT+DEL dialog box from a
Application
Is it possible to call the CTRL+ALT+DEL dialog box from a win32
application. I remember reading sometime back that CTRL+ALT+DEL forms a
different desktop and could not be called from applications, since they
run
on a different desktop. If it’s not possible to be done from a
application,
will I be able to do it with the help of a keyboard filter driver by
replacing some keys with CTRL+ALT+DEL.
Just relying on my poor memory about NT: CTRL+ALT+DEL is suppose to
be filtered away by if I’m not mistaken by it’s own driver. And you
can’t hook into it or replace it. It’s an integral part of NT’s
security model. It makes it difficult if not impossible to intercept
the CRTL+ALT+DELETE and provide a fake login box. If it’s implemented
as a priority filter after a keyboard driver then you might get lucky
if you write your own keyboard driver and provide a hook to insert
keystrokes. But I’m doubtful it could be that easy. Keyboard drivers
might be required to be signed in a normal system and if that’s the case
you are not going to get microsoft to sign it unless you satisfy their
security model.
You are currently subscribed to ntdev as: xxxxx@amiindia.co.in
To unsubscribe send a blank email to $subst(‘Email.Unsub’)