|
-
Jan 13th, 2005, 07:58 PM
#37
Software Eng.
Re: send info between apps
 Originally Posted by Sam Hobbs
I don't know what you are referring to.
Read the red. You contradicted yourself.
(But like I said: That's green banana's)
 Originally Posted by Sam Hobbs
If we had to specify all exceptions such as that (such as WM_COPYDATA works except to send pointers) then we would never get anything done.
The fact that pointers cannot be used needs to be mentioned, as many data structures do work with pointers.
Little things like an integer only stores 16-bits can be left out.
It depends on what is needed. Yes, if it is simply a matter of processing a message sent to/from a window, then that is as easy as you describe. However if there is something that needs to be done with the data differently than what the other application does, then it can be a lot of work.
As I stated earlier, we cannot explicity state it's more difficult.
 Originally Posted by Sam Hobbs
I am talking more from the point of view of the user of the software. It is my understanding that security specialists would object to use of ReadProcessMemory and WriteProcessMemory.
I don't doubt the possibility that some "specialists" will object to the use of these functions.
I also don't doubt that some "specialists" will approve of these functions.
 Originally Posted by Sam Hobbs
ReadProcessMemory can be a problem when used to get passwords and such.
By this logic, we should also disallow the use of WM_GETTEXT, since it can also be used to retrieve passwords.
Also, if a person does not understand Windows adequately, a user might allow use of ReadProcessMemory for an account (theirs or another account) in such a manner that allows all other applications that execute under that user's authority (including unintentional applications such as viruses) to have that access.
Yes, an inexperienced user is prone to harmful attacks committed with deliberate misuse of WriteProcessMemory, but there are just as much -- if not more -- viruses that utilize other methods. The registry, for instance. Point being, if WriteProcessMemory viruses can slip by this user, what's to stop registry viruses (or other types) from doing the same?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|