« Software Trace Analysis Tools: CDFMarker
Icons for Memory Dump Analysis Patterns (Part 43) »

Reading Notebook: 25-May-10

Comments in italics are mine and express my own views, thoughts and opinions

Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:

No share access for impersonation: we need logon  (p. 481)

S(ecure)QOS levels, SECURITY_CONTEXT_TRACKING (p. 482)

Integrity Level (client) <= Integrity Level (server) (pp. 482 - 483)

Restricted tokens -> filtered admin tokens (logon as admin with UAC) (pp. 483 - 484)

Callback, allowed(denied)-object (GUID-based for AD) ACEs (p. 487)

No DACL: full access, empty DACL: no access (p. 487)

System audit-object ACEs (p. 488)

This entry was posted on Tuesday, May 25th, 2010 at 7:53 pm and is filed under Notes on Windows Internals, Reading Notebook. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.