1. bcoate+(OP) 2025-03-30 02:33:36
(Only) the process is elevated, but the process has a window on a shared session, and the OS does not successfully protect processes that share a session (and user, and registry, and disk, etc., etc.) from controlling each other.

From an API point of view, only one process is elevated. From a security point of view, if one process is elevated they all are, due to a lack of any effective mechanism that actually stops them.

2. jorvi+j1 2025-03-30 02:48:32
>>bcoate+(OP)
No, even then there are things like Mandatory Integrity Control and Windows Message Restrictions / UIAccess. I'd dive into it deeper but I just got home from going out haha. Those terms should help you dig into it though!

I do fully agree that desktop OSes are a legacy security model and they can't hold a candle to that of iOS. Android is getting there, but because it also started from mostly an open all-access model it's been having the same warts.
