Over elevation when simulating UAC #119

bencikpeter · 2018-08-25T12:33:31Z

I´ve been having a look at how the elevation promt issue was resolved and found this:

https://github.com/SharkCagey/HTWG_shark_cage/blob/6e7da91cdcfdcc57d6324d8cc08021d76337bb5a/SharkCage/CageManager/CageManager.cpp#L212-L229

In my opinion this is a massive over-elevation of that process. Arbitrary process is being launched with a token having SeCreateTokenPrivilege, SeTcbPrivilege and with context of LocalSystem. That alone grants basically unlimited control of the whole machine. (And who knows what else is in that token, since it is sampled from some system process)

If we cannot fix it, I think it should be a point of discussion whether we want to do this and leave a big security hole, or disable running elevated processes in a cage for now

The text was updated successfully, but these errors were encountered:

DonatJR · 2018-08-25T13:09:16Z

Yeah, from #105:

Solution 2: Check for this error and display our own elevation prompt, this is currently rudimentarily implemented (thoughts?)

I just used the same code as before the token was used at all. This can certainly be improved.

bencikpeter · 2018-08-25T13:22:55Z

@DonatJR Sorry, didn´t see it there 😉

bencikpeter added the discussion label Aug 25, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Over elevation when simulating UAC #119

Over elevation when simulating UAC #119

bencikpeter commented Aug 25, 2018

DonatJR commented Aug 25, 2018

bencikpeter commented Aug 25, 2018

Over elevation when simulating UAC #119

Over elevation when simulating UAC #119

Comments

bencikpeter commented Aug 25, 2018

DonatJR commented Aug 25, 2018

bencikpeter commented Aug 25, 2018