On Thursday 01 March 2012 10:40:51 Carsten Krüger wrote: > > If that works out, all that is needed is the service increasing the > > tokens integrity> > > level before starting openvpn and the user will have limited access to the > > running openvpn process. > > a) this didn't work, you can lower the level and but not higher
Did you try it? I hope that it doesn't work for a normal user. The service should have sufficient rights to modify it I guess. Again these are only assumptions. If you have practical experience please be more verbose. > b) dll injection is ONE example of how a user can manipulate his own > process. I'm no expert at hacking windows but you can trust me, it > exists 1001 possibilities to do the same. You have no chance to block > them. I file that under FUD until you're more explicit. Heiko -- Heiko Hund | Software Engineer | Phone +49-721-25516-237 | Fax -200 Astaro a Sophos Company | Amalienbadstr. 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRA 702710 | Headquarter Location: Karlsruhe Represented by the General Partner Astaro Verwaltungs GmbH Amalienbadstraße 41 Bau 52 | 76227 Karlsruhe | Germany Commercial Register: Mannheim HRB 708248 | Executive Board: Gert Hansen, Markus Hennig, Jan Hichert, Günter Junk, Dr. Frank Nellissen