[21561] in bugtraq
RE: W2k: Unkillable Applications
daemon@ATHENA.MIT.EDU (Frank Breedijk)
Tue Jul 17 11:44:05 2001
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Date: Tue, 17 Jul 2001 13:00:55 +0200
Message-ID: <9DEF5AE699246E48BBBC3B9469681C0010C9E2@NL-AMS-06.office.interxion.net>
From: "Frank Breedijk" <FrankB@InterXion.com>
To: "Chad Loder" <cloder@acm.org>,
"Thomas Zehetbauer" <thomasz@hostmaster.org>
Cc: <bugtraq@securityfocus.com>
Content-Transfer-Encoding: 8bit
Chad,
> This does sound like a bug in the Task Manager,
> and maybe there are MINOR security implications
> in the fact that the Task Manager tells the
> administrator "This is a critical system process"
> when it's not...but the fact that the system
> administrator is trying to kill the process
> seems to suggest that he already knows otherwise.
I tend to disagree with you. When somebody mails a joke (e.g. VHold.exe)
quite often the only way to kill such a process is by going into
taskmanager.
> I'm sure they could have told you that an administrator
> can end system processes by right clicking on them and
> choosing "Debug" and then ending the process.
That feature is only available on systems with a debugger installed.
Mine isn't
> Not sure what happens when you have no just-in-time
> debugger installed.
No debug ability then.
MZZL,
Frank
