[407] in Best-of-Security
BoS: Re: WinNT syscalls insecurity
daemon@ATHENA.MIT.EDU (Roger Espel Llima)
Tue Oct 21 16:28:06 1997
Date: Sun, 19 Oct 1997 05:37:14 +0200
Reply-To: Roger Espel Llima <espel@LLAIC.U-CLERMONT1.FR>
From: Roger Espel Llima <espel@LLAIC.U-CLERMONT1.FR>
In-Reply-To: <199710190702.EAA01779@false.com>; from Solar Designer on Sun,
Oct 19, 1997 at 04:02:34AM -0300
Old-X-Originally-To: To: BUGTRAQ@NETSPACE.ORG
Old-X-Originated-From: From: Roger Espel Llima <espel@LLAIC.U-CLERMONT1.FR>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
On Sun, Oct 19, 1997 at 04:02:34AM -0300, Solar Designer wrote:
> Here's some [already known] information to make sure everyone understands
> the stuff I'll be talking about. More information can be found at sites
> like www.ntinternals.com.
and if your message wasn't enough to convince us that NT is a joke of
an OS, here's a snippet from http://www.ntinternals.com./tips.htm :
| Never-ending Quantum?
|
| In NT, as with most time-sharing operating systems, threads run in turns
| called quantums. Normally, a thread executes until its quantum runs out.
| The next time it is scheduled it starts with a full quantum. However, in
| NT a thread also gets its quantum refreshed every time its thread or
| process priority is set. This means that a thread can reset its quantum
| by calling SetThreadPriority (without changing its priority) before its
| turn runs out. If it continues to do this it will effectively have an
| infinite quantum. Why does NT do this? Its not clear, but it appears to
| be a bug.
can we say easy DoS?
--
Roger Espel Llima
espel@llaic.univ-bpclermont.fr, espel@unix.bigots.org
http://www.eleves.ens.fr:8080/home/espel/index.html
