Understanding Windows Security on System Objects: Pros and Cons Explained

  • Thread starter: h0dgey84bc
  • Tags: Interview
AI Thread Summary
Windows enforces security on system objects like processes and threads through access tokens and Access Control Lists (ACLs), which manage user permissions. Access tokens contain security information about the user and their group memberships, while ACLs specify which users or groups can access specific resources. A key drawback is that changes in group membership require the user to log off and log back on to update their access token, delaying access changes. However, a significant advantage is the ability to impersonate users, allowing services to operate under different user credentials, enhancing security. Understanding these concepts is crucial for managing Windows security effectively.
h0dgey84bc
Hi, I was asked this at an interview recently, "How does Windows impose security on system objects such as processes and threads? What are the pros and cons of this approach?"

Anyone have any ideas?

thanks.
 
Starting with Windows NT, Microsoft uses the concept of "access tokens" and ACL (Access Control Lists).

An access token contains all the security information related to the user who has started a session. This token is created when the user logs on and destroyed upon logoff. The access token contains the SID (Security IDentifier) of the user and each group it belongs to. It also contains special privileges that the user may use (like the ability to shut down the computer, debug programs, ...). Each process and thread executed by the user contains a copy of this token.

An ACL is associated with every protected object or resource. It contains the list of SIDs that have access to it and which type of access (Full Control, Read/Write, Read Only, ...). Normally ACLs define allowed rights, but they may also contain explicit denies.

When a thread tries to access any kernel object (mutex, semaphore, event, process, thread, ...) or resource (file, registry key, ...) the system compares the ACL of the object with the token associated with the thread requesting access. If a match is found, the access is allowed, otherwise denied (somewhat simplified).

The main problem is that any change in the group membership of the user is not dynamically propagated. This means that the user can't get instant access to new resources, but even worse, the administrator can't immediately deny access to some resource by removing the user from the appropriate group. The user must log off and log on again to get an updated token with the new list of SIDs.

One of the advantages is impersonation (the ability of a process or thread to temporarily take the personality of another user if it has the right to do so). The access token is duplicated on every process and thread, so one thread might impersonate another user without modifying the rights of other threads or processes. This is especially important in services that handle requests from many users. Using impersonation, the service can use the rights of each user instead of the user who started the service (normally SYSTEM or Administrator). This increases security against bugs or malicious users.

It's a little simplified, but I think you can see the concept.
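The token-versus-ACL comparison and the stale-token drawback described in the answer above, as a simplified Python model added here (not part of the original post and not Windows code). The names `Directory`, `Token`, `Ace`, `access_check`, the group names and the access-mask bits are all constructed for illustration.

```python
from dataclasses import dataclass

READ, WRITE = 0x1, 0x2  # constructed access-mask bits, not real Windows values

@dataclass(frozen=True)
class Token:
    """Snapshot of a user's SIDs, taken once at logon and never refreshed."""
    user: str
    sids: frozenset

@dataclass(frozen=True)
class Ace:
    kind: str   # "allow" or "deny"
    sid: str
    mask: int

class Directory:
    """Stands in for the account database that holds group membership."""
    def __init__(self):
        self.groups = {}

    def logon(self, user):
        member_of = {g for g, members in self.groups.items() if user in members}
        return Token(user, frozenset({user} | member_of))

# Constructed ACL: explicit deny listed first, then the allow entry.
DACL = [Ace("deny", "Contractors", WRITE), Ace("allow", "Finance", READ | WRITE)]

def access_check(token, dacl, desired):
    """Walk ACEs in order: a matching deny for a still-needed right fails at
    once; matching allows accumulate until every requested right is granted."""
    remaining = desired
    for ace in dacl:
        if ace.sid not in token.sids:
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False
        if ace.kind == "allow":
            remaining &= ~ace.mask
        if remaining == 0:
            return True
    return False  # rights that were never explicitly granted are denied

def demo():
    d = Directory()
    d.groups["Finance"] = {"alice"}
    old = d.logon("alice")                  # token issued while still a member
    d.groups["Finance"].discard("alice")    # administrator revokes membership
    new = d.logon("alice")                  # token rebuilt only at the next logon
    return access_check(old, DACL, READ), access_check(new, DACL, READ)
```

`demo()` shows the revocation gap: the token issued before the group change still passes the check, and only the token from a fresh logon is refused.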
 
Dude, you got the job!

What would you have said to this one: "What is a Windows Service and when might you use one? What special consideration do Services require?"

I think I got this one correct, although my answer was probably a little rough around the edges, especially on the second part of the question.
 
It's me who is taking the interview?

Services is a big topic in Windows. There are many types of services and many reasons to create one. For example, internally Windows also treats device drivers as services (although with some special characteristics).

A service in Windows is a process that runs in the background in the context of a preconfigured account. It is not associated with any interactive user session (although it can run with the credentials of any user) and it can be running even if there isn't any user authenticated to the server or workstation. Windows allows multiple services to be running inside one process to save resources (this is the case of svchost.exe that hosts multiple Windows services at once).

Basically you use a service when you need to offer access to shared resources (files, databases, web resources, printers, ...), but there are other reasons not always so obvious. When you design a new program you should evaluate its needs and decide how it should run.

Microsoft is tending to move some management functions to services and even breaking some functionalities into different services (especially in Windows Vista). Personally I don't like this approach because it forces you to have many services running. There are many dependencies between services, so it's very difficult to stop some of them without breaking the functionalities you really want.

What special consideration do services require? A lot. Probably the most obvious is that it cannot interact with any interactive user directly (before Windows Vista this possibility existed). If it needs to interact, you also need to develop some kind of client. The internal structure of a service is quite different from a normal user process. Also, it runs with a fixed set of credentials that generally have elevated privileges, so extreme care must be taken while designing and implementing the service to avoid security holes.

Well, I think this is enough as an introduction. Services is too extensive a topic to talk about generally.
 
I think you should apply for this job, haha, you definitely are more qualified than me anyway... I am just a lowly physics grad, no idea why the recruitment guy sent me for this, seems definitely more suited to a comp sci grad.
 
If you get the job, doesn't he get the commission?! :)
 