« Icons for Memory Dump Analysis Patterns (Part 43)
Icons for Memory Dump Analysis Patterns (Part 44) »

Reading Notebook: 26-May-10

Comments in italics are mine and express my own views, thoughts and opinions

Windows Internals by M. Russinovich, D. Solomon and A. Ionescu:

Explicit ACE are ahead of inherited (p. 491)

Differences of inheritable ACE propagation AD objects (p. 491)

Ntmarta.dll: security inheritance support DLL (p. 492)

SeAccessCheck optimization: integrity check -> DACL check (p. 492)

Low and medium integrity processes can read high integrity objects (p. 493)

UIPI safe messages, shatter attacks, blocked (journal) hooks (pp. 493 - 494)

Owner Rights SID (pp. 495 - 496)

Importance of ACE ordering (pp. 497 - 498)

Security editors place Deny ACE on top, Advanced Settings and Effective Permissions (pp. 498 - 500)

AuthZ API: security model in user mode (pp. 500 - 501)

This entry was posted on Thursday, May 27th, 2010 at 10:57 am and is filed under Notes on Windows Internals, Reading Notebook. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.