A question for the Windows experts here.
-
A question for the Windows experts here. Microsoft documentation claims that `DuplicateHandle()` can only duplicate pseudo-handles that belong to the process itself (such as the one returned by `GetCurrentProcess()`). However [1] contains an explicit warning that having `PROCESS_DUP_HANDLE` permissions to another process allows you to duplicate the pseudo-handle of that process. This grants you a handle with full permissions to that process. So which is which?
[1] https://learn.microsoft.com/en-us/windows/win32/procthread/process-security-and-access-rights
-
A question for the Windows experts here. Microsoft documentation claims that `DuplicateHandle()` can only duplicate pseudo-handles that belong to the process itself (such as the one returned by `GetCurrentProcess()`). However [1] contains an explicit warning that having `PROCESS_DUP_HANDLE` permissions to another process allows you to duplicate the pseudo-handle of that process. This grants you a handle with full permissions to that process. So which is which?
[1] https://learn.microsoft.com/en-us/windows/win32/procthread/process-security-and-access-rights
@gabrielesvelto vibes-based security
-
R relay@relay.infosec.exchange shared this topic
