1: "Extra Information".txt
2:
3: Here is some extra information on security. Although these issues
4: have come up in the past in discussion with developers of Win32
5: apps, this isn't really a FAQ (Frequently Asked Questions) list,
6: in that some of the issues below haven't come up that often.
7: It's just extra information made available to you on this CD
8:
9: From time to time when we answer questions that pertain to any of
10: the issues below, we may refer to particular ranges of line
11: numbers in this file as part of the discussion. We may also
12: upload to a CompuServe library (for example GO MSWIN32) updated
13: versions of this file that would contain additional and/or more
14: recent extra information
15:
16: --- Getting started with security as a developer
17:
18: Among the first places to look would be:
19:
20: - "Inside Windows NT", by Custer, from MS Press, 1993, ISBN
21: 1-55615-481-X. See pages 72-81
22:
23: - "Windows NT - Answer Book", by Groves, from MS Press, 1993,
24: ISBN 1-55615-562-X. See pages 44-141 and 187-190. Much of
25: this information is actually more tuned towards
26: administrators and end-users, however developers may also
27: find this information useful
28:
29: - The Windows NT Resource Guide (see on this CD the
30: \doc\enduser\resource directory), chapter 3, which is pages
31: 51-92
32:
33: - The two-article "Inside Windows NT Security" series by Rob
34: Reichel that appeared in Windows/DOS Developer's Journal.
35: The first of the series appeared in the April 1993 issue
36: beginning on page 6, the second appeared in the May 1993
37: issue, pages 44-50
38:
39: - The Win32 .hlp file. Click on "Functions and Overviews",
40: choose Security, click the "Overview" button. The first
41: nine subtopics ("Terms" through "SIDs") need to be
42: understood before moving on. In particular see the diagram
43: in the "Security Model" subtopic, that shows the
44: relationship between Access Token and ACL. Pages 84-92 of
45: the Windows NT Resource Guide chapter 3 have examples
46: showing how this relationship works
47:
48: - This sample, check_sd, is also useful in understanding
49: Access Tokens and ACLs. It shows what some actual examples
50: of the data structures on your machine look like, how the
51: different defines for building up Access Mask values may
52: have been used, etc
53:
54: --- Information on C2 security
55:
56: In the Windows NT Resource Guide (see on this CD the
57: \doc\enduser\resource directory) on pages 52-54 is a summary
58: of the C2 criteria. This is a good place to start
59: understanding the C2 criteria, as is "Inside Windows NT", by
60: Custer, from MS Press, 1993, ISBN 1-55615-481-X. See pages
61: 3-4, 74-76, 196, 330 and 370
62:
63: If more info is needed, the Government Printing Office
64: (202)783-3238 provides copies of the Orange Book, GPO Stock
65: Number 008-000-00461-7 at nominal charges. Another reference
66: is the book "Computer Security Basics", by Russell and Gangemi,
67: from O'Reilly & Assoc, 1992, ISBN 0-937175-71-4. This book
68: has a 59 page chapter 6 (called "Inside the Orange Book")
69: along with other information that may be useful to those
70: working their way through each of the 121 pages in the Orange
71: Book